Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2024-38477
Vulnerability from cvelistv5
Published
2024-07-01 18:16
Modified
2025-03-18 18:36
Severity ?
EPSS score ?
8.42%
(0.91508)
Summary
null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.
Users are recommended to upgrade to version 2.4.60, which fixes this issue.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache HTTP Server |
Version: 2.4.0 ≤ 2.4.59 |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-38477", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-22T16:23:13.858578Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-18T18:36:04.103Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-09-13T17:04:58.395Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://httpd.apache.org/security/vulnerabilities_24.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240712-0001/", }, { url: "http://www.openwall.com/lists/oss-security/2024/07/01/10", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Apache HTTP Server", vendor: "Apache Software Foundation", versions: [ { lessThanOrEqual: "2.4.59", status: "affected", version: "2.4.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Orange Tsai (@orange_8361) from DEVCORE", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.<br>Users are recommended to upgrade to version 2.4.60, which fixes this issue.", }, ], value: "null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.", }, ], metrics: [ { other: { content: { text: "important", }, type: "Textual description of severity", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-12T14:06:17.790Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "vendor-advisory", ], url: "https://httpd.apache.org/security/vulnerabilities_24.html", }, { url: "https://security.netapp.com/advisory/ntap-20240712-0001/", }, ], source: { discovery: "UNKNOWN", }, timeline: [ { lang: "en", time: "2024-04-01T12:00:00.000Z", value: "Reported", }, ], title: "Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2024-38477", datePublished: "2024-07-01T18:16:11.935Z", dateReserved: "2024-06-17T11:11:30.174Z", dateUpdated: "2025-03-18T18:36:04.103Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2024-38477\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2024-07-01T19:15:05.083\",\"lastModified\":\"2025-03-18T19:15:42.683\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.\\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.\"},{\"lang\":\"es\",\"value\":\"La desreferencia del puntero nulo en mod_proxy en Apache HTTP Server 2.4.59 y versiones anteriores permite a un atacante bloquear el servidor mediante una solicitud maliciosa. Se recomienda a los usuarios actualizar a la versión 2.4.60, que soluciona este problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4.0\",\"versionEndExcluding\":\"2.4.60\",\"matchCriteriaId\":\"13126636-FD76-4E3E-B949-14A5082DE02A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:clustered_data_ontap:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3ED302E-F464-40DE-A976-FD518E42D95D\"}]}]}],\"references\":[{\"url\":\"https://httpd.apache.org/security/vulnerabilities_24.html\",\"source\":\"security@apache.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240712-0001/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/01/10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://httpd.apache.org/security/vulnerabilities_24.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240712-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://httpd.apache.org/security/vulnerabilities_24.html\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240712-0001/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/01/10\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-09-13T17:04:58.395Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-38477\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-22T16:23:13.858578Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-22T16:23:24.134Z\"}}], \"cna\": {\"title\": \"Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Orange Tsai (@orange_8361) from DEVCORE\"}], \"metrics\": [{\"other\": {\"type\": \"Textual description of severity\", \"content\": {\"text\": \"important\"}}}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache HTTP Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.4.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"2.4.59\"}], \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-04-01T12:00:00.000Z\", \"value\": \"Reported\"}], \"references\": [{\"url\": \"https://httpd.apache.org/security/vulnerabilities_24.html\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240712-0001/\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.\\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.<br>Users are recommended to upgrade to version 2.4.60, which fixes this issue.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-476\", \"description\": \"CWE-476 NULL Pointer Dereference\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2024-07-12T14:06:17.790Z\"}}}", cveMetadata: "{\"cveId\": \"CVE-2024-38477\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-18T18:36:04.103Z\", \"dateReserved\": \"2024-06-17T11:11:30.174Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2024-07-01T18:16:11.935Z\", \"assignerShortName\": \"apache\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
ncsc-2024-0426
Vulnerability from csaf_ncscnl
Published
2024-10-30 11:26
Modified
2024-10-30 11:26
Summary
Kwetsbaarheden verholpen in Apple MacOS
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Apple heeft kwetsbaarheden verholpen in MacOS.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
* Denial-of-Service (DoS)
* Toegang tot gevoelige gegevens
* Toegang tot systeemgegevens
* Manipulatie van gegevens
* Omzeilen van beveiligingsmaatregel
Oplossingen
Apple heeft updates uitgebracht om de kwetsbaarheden te verhelpen in MacOS 13.7.1, 14.7.1 en 15.1. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-922
Insecure Storage of Sensitive Information
CWE-265
CWE-265
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-284
Improper Access Control
CWE-476
NULL Pointer Dereference
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
CWE-918
Server-Side Request Forgery (SSRF)
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-20
Improper Input Validation
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Apple heeft kwetsbaarheden verholpen in MacOS.", title: "Feiten", }, { category: "description", text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n* Denial-of-Service (DoS)\n* Toegang tot gevoelige gegevens\n* Toegang tot systeemgegevens\n* Manipulatie van gegevens\n* Omzeilen van beveiligingsmaatregel", title: "Interpretaties", }, { category: "description", text: "Apple heeft updates uitgebracht om de kwetsbaarheden te verhelpen in MacOS 13.7.1, 14.7.1 en 15.1. Zie bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Insecure Storage of Sensitive Information", title: "CWE-922", }, { category: "general", text: "CWE-265", title: "CWE-265", }, { category: "general", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "Improper Access Control", title: "CWE-284", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Inclusion of Functionality from Untrusted Control Sphere", title: "CWE-829", }, { category: "general", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "general", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "general", text: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", title: "CWE-120", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - cveprojectv5; hkcert; nvd", url: "https://support.apple.com/en-us/121564", }, { category: "external", summary: "Reference - cveprojectv5; hkcert; nvd", url: "https://support.apple.com/en-us/121568", }, { category: "external", summary: "Reference - cveprojectv5; hkcert; nvd", url: "https://support.apple.com/en-us/121570", }, ], title: "Kwetsbaarheden verholpen in Apple MacOS", tracking: { current_release_date: "2024-10-30T11:26:13.535716Z", id: "NCSC-2024-0426", initial_release_date: "2024-10-30T11:26:13.535716Z", revision_history: [ { date: "2024-10-30T11:26:13.535716Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "macos_sequoia__15.1", product: { name: "macos_sequoia__15.1", product_id: "CSAFPID-1694236", product_identification_helper: { cpe: "cpe:2.3:a:apple:macos_sequoia__15.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "macos_sonoma__14.7.1", product: { name: "macos_sonoma__14.7.1", product_id: "CSAFPID-1694237", product_identification_helper: { cpe: "cpe:2.3:a:apple:macos_sonoma__14.7.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "macos_ventura__13.7.1", product: { name: "macos_ventura__13.7.1", product_id: "CSAFPID-1694238", product_identification_helper: { cpe: "cpe:2.3:a:apple:macos_ventura__13.7.1:*:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "apple", }, ], }, vulnerabilities: [ { cve: "CVE-2024-44211", references: [ { category: "self", summary: "CVE-2024-44211", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44211.json", }, ], title: "CVE-2024-44211", }, { cve: "CVE-2024-44213", references: [ { category: "self", summary: "CVE-2024-44213", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44213.json", }, ], title: "CVE-2024-44213", }, { cve: "CVE-2024-44215", references: [ { category: "self", summary: "CVE-2024-44215", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44215.json", }, ], title: "CVE-2024-44215", }, { cve: "CVE-2024-44216", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, { category: "other", text: "Insecure Storage of Sensitive Information", title: "CWE-922", }, ], references: [ { category: "self", summary: "CVE-2024-44216", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44216.json", }, ], title: "CVE-2024-44216", }, { cve: "CVE-2024-44218", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "other", text: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", title: "CWE-120", }, ], references: [ { category: "self", summary: "CVE-2024-44218", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44218.json", }, ], title: "CVE-2024-44218", }, { cve: "CVE-2024-44222", cwe: { id: "CWE-922", name: "Insecure Storage of Sensitive Information", }, notes: [ { category: "other", text: "Insecure Storage of Sensitive Information", title: "CWE-922", }, ], references: [ { category: "self", summary: "CVE-2024-44222", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44222.json", }, ], title: "CVE-2024-44222", }, { cve: "CVE-2024-44223", references: [ { category: "self", summary: "CVE-2024-44223", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44223.json", }, ], title: "CVE-2024-44223", }, { cve: "CVE-2024-44229", references: [ { category: "self", summary: "CVE-2024-44229", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44229.json", }, ], title: "CVE-2024-44229", }, { cve: "CVE-2024-44231", references: [ { category: "self", summary: "CVE-2024-44231", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44231.json", }, ], title: "CVE-2024-44231", }, { cve: "CVE-2024-44236", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], references: [ { category: "self", summary: "CVE-2024-44236", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44236.json", }, ], title: "CVE-2024-44236", }, { cve: "CVE-2024-44237", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], references: [ { category: "self", summary: "CVE-2024-44237", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44237.json", }, ], title: "CVE-2024-44237", }, { cve: "CVE-2024-44239", references: [ { category: "self", summary: "CVE-2024-44239", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44239.json", }, ], title: "CVE-2024-44239", }, { cve: "CVE-2024-44240", references: [ { category: "self", summary: "CVE-2024-44240", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44240.json", }, ], title: "CVE-2024-44240", }, { cve: "CVE-2024-44244", references: [ { category: "self", summary: "CVE-2024-44244", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44244.json", }, ], title: "CVE-2024-44244", }, { cve: "CVE-2024-44247", references: [ { category: "self", summary: "CVE-2024-44247", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44247.json", }, ], title: "CVE-2024-44247", }, { cve: "CVE-2024-44253", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, ], references: [ { category: "self", summary: "CVE-2024-44253", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44253.json", }, ], title: "CVE-2024-44253", }, { cve: "CVE-2024-44254", references: [ { category: "self", summary: "CVE-2024-44254", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44254.json", }, ], title: "CVE-2024-44254", }, { cve: "CVE-2024-44255", references: [ { category: "self", summary: "CVE-2024-44255", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44255.json", }, ], title: "CVE-2024-44255", }, { cve: "CVE-2024-44256", cwe: { id: "CWE-265", name: "-", }, notes: [ { category: "other", text: "CWE-265", title: "CWE-265", }, ], references: [ { category: "self", summary: "CVE-2024-44256", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44256.json", }, ], title: "CVE-2024-44256", }, { cve: "CVE-2024-44257", cwe: { id: "CWE-922", name: "Insecure Storage of Sensitive Information", }, notes: [ { category: "other", text: "Insecure Storage of Sensitive Information", title: "CWE-922", }, ], references: [ { category: "self", summary: "CVE-2024-44257", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44257.json", }, ], title: "CVE-2024-44257", }, { cve: "CVE-2024-44259", references: [ { category: "self", summary: "CVE-2024-44259", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44259.json", }, ], title: "CVE-2024-44259", }, { cve: "CVE-2024-44260", references: [ { category: "self", summary: "CVE-2024-44260", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44260.json", }, ], title: "CVE-2024-44260", }, { cve: "CVE-2024-44264", references: [ { category: "self", summary: "CVE-2024-44264", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44264.json", }, ], title: "CVE-2024-44264", }, { cve: "CVE-2024-44265", references: [ { category: "self", summary: "CVE-2024-44265", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44265.json", }, ], title: "CVE-2024-44265", }, { cve: "CVE-2024-44267", references: [ { category: "self", summary: "CVE-2024-44267", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44267.json", }, ], title: "CVE-2024-44267", }, { cve: "CVE-2024-44269", references: [ { category: "self", summary: "CVE-2024-44269", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44269.json", }, ], title: "CVE-2024-44269", }, { cve: "CVE-2024-44270", references: [ { category: "self", summary: "CVE-2024-44270", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44270.json", }, ], title: "CVE-2024-44270", }, { cve: "CVE-2024-44273", references: [ { category: "self", summary: "CVE-2024-44273", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44273.json", }, ], title: "CVE-2024-44273", }, { cve: "CVE-2024-44275", cwe: { id: "CWE-922", name: "Insecure Storage of Sensitive Information", }, notes: [ { category: "other", text: "Insecure Storage of Sensitive Information", title: "CWE-922", }, ], references: [ { category: "self", summary: "CVE-2024-44275", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44275.json", }, ], title: "CVE-2024-44275", }, { cve: "CVE-2024-44277", references: [ { category: "self", summary: "CVE-2024-44277", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44277.json", }, ], title: "CVE-2024-44277", }, { cve: "CVE-2024-44278", references: [ { category: "self", summary: "CVE-2024-44278", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44278.json", }, ], title: "CVE-2024-44278", }, { cve: "CVE-2024-44279", references: [ { category: "self", summary: "CVE-2024-44279", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44279.json", }, ], title: "CVE-2024-44279", }, { cve: "CVE-2024-44280", references: [ { category: "self", summary: "CVE-2024-44280", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44280.json", }, ], title: "CVE-2024-44280", }, { cve: "CVE-2024-44281", references: [ { category: "self", summary: "CVE-2024-44281", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44281.json", }, ], title: "CVE-2024-44281", }, { cve: "CVE-2024-44282", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], references: [ { category: "self", summary: "CVE-2024-44282", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44282.json", }, ], title: "CVE-2024-44282", }, { cve: "CVE-2024-44283", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], references: [ { category: "self", summary: "CVE-2024-44283", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44283.json", }, ], title: "CVE-2024-44283", }, { cve: "CVE-2024-44284", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], references: [ { category: "self", summary: "CVE-2024-44284", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44284.json", }, ], title: "CVE-2024-44284", }, { cve: "CVE-2024-44285", references: [ { category: "self", summary: "CVE-2024-44285", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44285.json", }, ], title: "CVE-2024-44285", }, { cve: "CVE-2024-44287", references: [ { category: "self", summary: "CVE-2024-44287", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44287.json", }, ], title: "CVE-2024-44287", }, { cve: "CVE-2024-44289", references: [ { category: "self", summary: "CVE-2024-44289", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44289.json", }, ], title: "CVE-2024-44289", }, { cve: "CVE-2024-44292", references: [ { category: "self", summary: "CVE-2024-44292", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44292.json", }, ], title: "CVE-2024-44292", }, { cve: "CVE-2024-44293", references: [ { category: "self", summary: "CVE-2024-44293", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44293.json", }, ], title: "CVE-2024-44293", }, { cve: "CVE-2024-44294", references: [ { category: "self", summary: "CVE-2024-44294", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44294.json", }, ], title: "CVE-2024-44294", }, { cve: "CVE-2024-44295", references: [ { category: "self", summary: "CVE-2024-44295", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44295.json", }, ], title: "CVE-2024-44295", }, { cve: "CVE-2024-44296", references: [ { category: "self", summary: "CVE-2024-44296", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44296.json", }, ], title: "CVE-2024-44296", }, { cve: "CVE-2024-44297", references: [ { category: "self", summary: "CVE-2024-44297", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44297.json", }, ], title: "CVE-2024-44297", }, { cve: "CVE-2024-44298", references: [ { category: "self", summary: "CVE-2024-44298", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44298.json", }, ], title: "CVE-2024-44298", }, { cve: "CVE-2024-44301", references: [ { category: "self", summary: "CVE-2024-44301", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44301.json", }, ], title: "CVE-2024-44301", }, { cve: "CVE-2024-44302", references: [ { category: "self", summary: "CVE-2024-44302", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44302.json", }, ], title: "CVE-2024-44302", }, { cve: "CVE-2024-38476", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Inclusion of Functionality from Untrusted Control Sphere", title: "CWE-829", }, ], references: [ { category: "self", summary: "CVE-2024-38476", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json", }, ], title: "CVE-2024-38476", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], references: [ { category: "self", summary: "CVE-2024-38477", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38477.json", }, ], title: "CVE-2024-38477", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], references: [ { category: "self", summary: "CVE-2024-39573", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39573.json", }, ], title: "CVE-2024-39573", }, { cve: "CVE-2024-40855", references: [ { category: "self", summary: "CVE-2024-40855", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40855.json", }, ], title: "CVE-2024-40855", }, { cve: "CVE-2024-40858", references: [ { category: "self", summary: "CVE-2024-40858", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40858.json", }, ], title: "CVE-2024-40858", }, { cve: "CVE-2024-44122", references: [ { category: "self", summary: "CVE-2024-44122", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44122.json", }, ], title: "CVE-2024-44122", }, { cve: "CVE-2024-44126", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], references: [ { category: "self", summary: "CVE-2024-44126", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44126.json", }, ], title: "CVE-2024-44126", }, { cve: "CVE-2024-44137", references: [ { category: "self", summary: "CVE-2024-44137", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44137.json", }, ], title: "CVE-2024-44137", }, { cve: "CVE-2024-44144", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "other", text: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", title: "CWE-120", }, ], references: [ { category: "self", summary: "CVE-2024-44144", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44144.json", }, ], title: "CVE-2024-44144", }, { cve: "CVE-2024-44156", references: [ { category: "self", summary: "CVE-2024-44156", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44156.json", }, ], title: "CVE-2024-44156", }, { cve: "CVE-2024-44159", references: [ { category: "self", summary: "CVE-2024-44159", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44159.json", }, ], title: "CVE-2024-44159", }, { cve: "CVE-2024-44175", references: [ { category: "self", summary: "CVE-2024-44175", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44175.json", }, ], title: "CVE-2024-44175", }, { cve: "CVE-2024-44194", references: [ { category: "self", summary: "CVE-2024-44194", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44194.json", }, ], title: "CVE-2024-44194", }, { cve: "CVE-2024-44195", references: [ { category: "self", summary: "CVE-2024-44195", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44195.json", }, ], title: "CVE-2024-44195", }, { cve: "CVE-2024-44196", references: [ { category: "self", summary: "CVE-2024-44196", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44196.json", }, ], title: "CVE-2024-44196", }, { cve: "CVE-2024-44197", references: [ { category: "self", summary: "CVE-2024-44197", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44197.json", }, ], title: "CVE-2024-44197", }, ], }
NCSC-2024-0426
Vulnerability from csaf_ncscnl
Published
2024-10-30 11:26
Modified
2024-10-30 11:26
Summary
Kwetsbaarheden verholpen in Apple MacOS
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Apple heeft kwetsbaarheden verholpen in MacOS.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
* Denial-of-Service (DoS)
* Toegang tot gevoelige gegevens
* Toegang tot systeemgegevens
* Manipulatie van gegevens
* Omzeilen van beveiligingsmaatregel
Oplossingen
Apple heeft updates uitgebracht om de kwetsbaarheden te verhelpen in MacOS 13.7.1, 14.7.1 en 15.1. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-922
Insecure Storage of Sensitive Information
CWE-265
CWE-265
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-284
Improper Access Control
CWE-476
NULL Pointer Dereference
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
CWE-918
Server-Side Request Forgery (SSRF)
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-20
Improper Input Validation
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Apple heeft kwetsbaarheden verholpen in MacOS.", title: "Feiten", }, { category: "description", text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n* Denial-of-Service (DoS)\n* Toegang tot gevoelige gegevens\n* Toegang tot systeemgegevens\n* Manipulatie van gegevens\n* Omzeilen van beveiligingsmaatregel", title: "Interpretaties", }, { category: "description", text: "Apple heeft updates uitgebracht om de kwetsbaarheden te verhelpen in MacOS 13.7.1, 14.7.1 en 15.1. Zie bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Insecure Storage of Sensitive Information", title: "CWE-922", }, { category: "general", text: "CWE-265", title: "CWE-265", }, { category: "general", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "Improper Access Control", title: "CWE-284", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Inclusion of Functionality from Untrusted Control Sphere", title: "CWE-829", }, { category: "general", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "general", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "general", text: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", title: "CWE-120", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - cveprojectv5; hkcert; nvd", url: "https://support.apple.com/en-us/121564", }, { category: "external", summary: "Reference - cveprojectv5; hkcert; nvd", url: "https://support.apple.com/en-us/121568", }, { category: "external", summary: "Reference - cveprojectv5; hkcert; nvd", url: "https://support.apple.com/en-us/121570", }, ], title: "Kwetsbaarheden verholpen in Apple MacOS", tracking: { current_release_date: "2024-10-30T11:26:13.535716Z", id: "NCSC-2024-0426", initial_release_date: "2024-10-30T11:26:13.535716Z", revision_history: [ { date: "2024-10-30T11:26:13.535716Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "macos_sequoia__15.1", product: { name: "macos_sequoia__15.1", product_id: "CSAFPID-1694236", product_identification_helper: { cpe: "cpe:2.3:a:apple:macos_sequoia__15.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "macos_sonoma__14.7.1", product: { name: "macos_sonoma__14.7.1", product_id: "CSAFPID-1694237", product_identification_helper: { cpe: "cpe:2.3:a:apple:macos_sonoma__14.7.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "macos_ventura__13.7.1", product: { name: "macos_ventura__13.7.1", product_id: "CSAFPID-1694238", product_identification_helper: { cpe: "cpe:2.3:a:apple:macos_ventura__13.7.1:*:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "apple", }, ], }, vulnerabilities: [ { cve: "CVE-2024-44211", references: [ { category: "self", summary: "CVE-2024-44211", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44211.json", }, ], title: "CVE-2024-44211", }, { cve: "CVE-2024-44213", references: [ { category: "self", summary: "CVE-2024-44213", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44213.json", }, ], title: "CVE-2024-44213", }, { cve: "CVE-2024-44215", references: [ { category: "self", summary: "CVE-2024-44215", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44215.json", }, ], title: "CVE-2024-44215", }, { cve: "CVE-2024-44216", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, { category: "other", text: "Insecure Storage of Sensitive Information", title: "CWE-922", }, ], references: [ { category: "self", summary: "CVE-2024-44216", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44216.json", }, ], title: "CVE-2024-44216", }, { cve: "CVE-2024-44218", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "other", text: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", title: "CWE-120", }, ], references: [ { category: "self", summary: "CVE-2024-44218", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44218.json", }, ], title: "CVE-2024-44218", }, { cve: "CVE-2024-44222", cwe: { id: "CWE-922", name: "Insecure Storage of Sensitive Information", }, notes: [ { category: "other", text: "Insecure Storage of Sensitive Information", title: "CWE-922", }, ], references: [ { category: "self", summary: "CVE-2024-44222", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44222.json", }, ], title: "CVE-2024-44222", }, { cve: "CVE-2024-44223", references: [ { category: "self", summary: "CVE-2024-44223", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44223.json", }, ], title: "CVE-2024-44223", }, { cve: "CVE-2024-44229", references: [ { category: "self", summary: "CVE-2024-44229", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44229.json", }, ], title: "CVE-2024-44229", }, { cve: "CVE-2024-44231", references: [ { category: "self", summary: "CVE-2024-44231", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44231.json", }, ], title: "CVE-2024-44231", }, { cve: "CVE-2024-44236", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], references: [ { category: "self", summary: "CVE-2024-44236", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44236.json", }, ], title: "CVE-2024-44236", }, { cve: "CVE-2024-44237", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], references: [ { category: "self", summary: "CVE-2024-44237", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44237.json", }, ], title: "CVE-2024-44237", }, { cve: "CVE-2024-44239", references: [ { category: "self", summary: "CVE-2024-44239", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44239.json", }, ], title: "CVE-2024-44239", }, { cve: "CVE-2024-44240", references: [ { category: "self", summary: "CVE-2024-44240", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44240.json", }, ], title: "CVE-2024-44240", }, { cve: "CVE-2024-44244", references: [ { category: "self", summary: "CVE-2024-44244", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44244.json", }, ], title: "CVE-2024-44244", }, { cve: "CVE-2024-44247", references: [ { category: "self", summary: "CVE-2024-44247", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44247.json", }, ], title: "CVE-2024-44247", }, { cve: "CVE-2024-44253", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, ], references: [ { category: "self", summary: "CVE-2024-44253", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44253.json", }, ], title: "CVE-2024-44253", }, { cve: "CVE-2024-44254", references: [ { category: "self", summary: "CVE-2024-44254", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44254.json", }, ], title: "CVE-2024-44254", }, { cve: "CVE-2024-44255", references: [ { category: "self", summary: "CVE-2024-44255", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44255.json", }, ], title: "CVE-2024-44255", }, { cve: "CVE-2024-44256", cwe: { id: "CWE-265", name: "-", }, notes: [ { category: "other", text: "CWE-265", title: "CWE-265", }, ], references: [ { category: "self", summary: "CVE-2024-44256", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44256.json", }, ], title: "CVE-2024-44256", }, { cve: "CVE-2024-44257", cwe: { id: "CWE-922", name: "Insecure Storage of Sensitive Information", }, notes: [ { category: "other", text: "Insecure Storage of Sensitive Information", title: "CWE-922", }, ], references: [ { category: "self", summary: "CVE-2024-44257", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44257.json", }, ], title: "CVE-2024-44257", }, { cve: "CVE-2024-44259", references: [ { category: "self", summary: "CVE-2024-44259", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44259.json", }, ], title: "CVE-2024-44259", }, { cve: "CVE-2024-44260", references: [ { category: "self", summary: "CVE-2024-44260", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44260.json", }, ], title: "CVE-2024-44260", }, { cve: "CVE-2024-44264", references: [ { category: "self", summary: "CVE-2024-44264", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44264.json", }, ], title: "CVE-2024-44264", }, { cve: "CVE-2024-44265", references: [ { category: "self", summary: "CVE-2024-44265", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44265.json", }, ], title: "CVE-2024-44265", }, { cve: "CVE-2024-44267", references: [ { category: "self", summary: "CVE-2024-44267", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44267.json", }, ], title: "CVE-2024-44267", }, { cve: "CVE-2024-44269", references: [ { category: "self", summary: "CVE-2024-44269", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44269.json", }, ], title: "CVE-2024-44269", }, { cve: "CVE-2024-44270", references: [ { category: "self", summary: "CVE-2024-44270", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44270.json", }, ], title: "CVE-2024-44270", }, { cve: "CVE-2024-44273", references: [ { category: "self", summary: "CVE-2024-44273", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44273.json", }, ], title: "CVE-2024-44273", }, { cve: "CVE-2024-44275", cwe: { id: "CWE-922", name: "Insecure Storage of Sensitive Information", }, notes: [ { category: "other", text: "Insecure Storage of Sensitive Information", title: "CWE-922", }, ], references: [ { category: "self", summary: "CVE-2024-44275", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44275.json", }, ], title: "CVE-2024-44275", }, { cve: "CVE-2024-44277", references: [ { category: "self", summary: "CVE-2024-44277", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44277.json", }, ], title: "CVE-2024-44277", }, { cve: "CVE-2024-44278", references: [ { category: "self", summary: "CVE-2024-44278", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44278.json", }, ], title: "CVE-2024-44278", }, { cve: "CVE-2024-44279", references: [ { category: "self", summary: "CVE-2024-44279", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44279.json", }, ], title: "CVE-2024-44279", }, { cve: "CVE-2024-44280", references: [ { category: "self", summary: "CVE-2024-44280", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44280.json", }, ], title: "CVE-2024-44280", }, { cve: "CVE-2024-44281", references: [ { category: "self", summary: "CVE-2024-44281", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44281.json", }, ], title: "CVE-2024-44281", }, { cve: "CVE-2024-44282", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], references: [ { category: "self", summary: "CVE-2024-44282", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44282.json", }, ], title: "CVE-2024-44282", }, { cve: "CVE-2024-44283", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], references: [ { category: "self", summary: "CVE-2024-44283", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44283.json", }, ], title: "CVE-2024-44283", }, { cve: "CVE-2024-44284", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], references: [ { category: "self", summary: "CVE-2024-44284", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44284.json", }, ], title: "CVE-2024-44284", }, { cve: "CVE-2024-44285", references: [ { category: "self", summary: "CVE-2024-44285", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44285.json", }, ], title: "CVE-2024-44285", }, { cve: "CVE-2024-44287", references: [ { category: "self", summary: "CVE-2024-44287", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44287.json", }, ], title: "CVE-2024-44287", }, { cve: "CVE-2024-44289", references: [ { category: "self", summary: "CVE-2024-44289", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44289.json", }, ], title: "CVE-2024-44289", }, { cve: "CVE-2024-44292", references: [ { category: "self", summary: "CVE-2024-44292", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44292.json", }, ], title: "CVE-2024-44292", }, { cve: "CVE-2024-44293", references: [ { category: "self", summary: "CVE-2024-44293", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44293.json", }, ], title: "CVE-2024-44293", }, { cve: "CVE-2024-44294", references: [ { category: "self", summary: "CVE-2024-44294", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44294.json", }, ], title: "CVE-2024-44294", }, { cve: "CVE-2024-44295", references: [ { category: "self", summary: "CVE-2024-44295", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44295.json", }, ], title: "CVE-2024-44295", }, { cve: "CVE-2024-44296", references: [ { category: "self", summary: "CVE-2024-44296", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44296.json", }, ], title: "CVE-2024-44296", }, { cve: "CVE-2024-44297", references: [ { category: "self", summary: "CVE-2024-44297", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44297.json", }, ], title: "CVE-2024-44297", }, { cve: "CVE-2024-44298", references: [ { category: "self", summary: "CVE-2024-44298", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44298.json", }, ], title: "CVE-2024-44298", }, { cve: "CVE-2024-44301", references: [ { category: "self", summary: "CVE-2024-44301", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44301.json", }, ], title: "CVE-2024-44301", }, { cve: "CVE-2024-44302", references: [ { category: "self", summary: "CVE-2024-44302", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44302.json", }, ], title: "CVE-2024-44302", }, { cve: "CVE-2024-38476", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Inclusion of Functionality from Untrusted Control Sphere", title: "CWE-829", }, ], references: [ { category: "self", summary: "CVE-2024-38476", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json", }, ], title: "CVE-2024-38476", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], references: [ { category: "self", summary: "CVE-2024-38477", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38477.json", }, ], title: "CVE-2024-38477", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], references: [ { category: "self", summary: "CVE-2024-39573", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39573.json", }, ], title: "CVE-2024-39573", }, { cve: "CVE-2024-40855", references: [ { category: "self", summary: "CVE-2024-40855", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40855.json", }, ], title: "CVE-2024-40855", }, { cve: "CVE-2024-40858", references: [ { category: "self", summary: "CVE-2024-40858", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40858.json", }, ], title: "CVE-2024-40858", }, { cve: "CVE-2024-44122", references: [ { category: "self", summary: "CVE-2024-44122", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44122.json", }, ], title: "CVE-2024-44122", }, { cve: "CVE-2024-44126", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], references: [ { category: "self", summary: "CVE-2024-44126", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44126.json", }, ], title: "CVE-2024-44126", }, { cve: "CVE-2024-44137", references: [ { category: "self", summary: "CVE-2024-44137", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44137.json", }, ], title: "CVE-2024-44137", }, { cve: "CVE-2024-44144", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "other", text: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", title: "CWE-120", }, ], references: [ { category: "self", summary: "CVE-2024-44144", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44144.json", }, ], title: "CVE-2024-44144", }, { cve: "CVE-2024-44156", references: [ { category: "self", summary: "CVE-2024-44156", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44156.json", }, ], title: "CVE-2024-44156", }, { cve: "CVE-2024-44159", references: [ { category: "self", summary: "CVE-2024-44159", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44159.json", }, ], title: "CVE-2024-44159", }, { cve: "CVE-2024-44175", references: [ { category: "self", summary: "CVE-2024-44175", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44175.json", }, ], title: "CVE-2024-44175", }, { cve: "CVE-2024-44194", references: [ { category: "self", summary: "CVE-2024-44194", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44194.json", }, ], title: "CVE-2024-44194", }, { cve: "CVE-2024-44195", references: [ { category: "self", summary: "CVE-2024-44195", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44195.json", }, ], title: "CVE-2024-44195", }, { cve: "CVE-2024-44196", references: [ { category: "self", summary: "CVE-2024-44196", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44196.json", }, ], title: "CVE-2024-44196", }, { cve: "CVE-2024-44197", references: [ { category: "self", summary: "CVE-2024-44197", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44197.json", }, ], title: "CVE-2024-44197", }, ], }
NCSC-2024-0275
Vulnerability from csaf_ncscnl
Published
2024-07-02 11:44
Modified
2024-07-02 11:44
Summary
Kwetsbaarheden verholpen in Apache HHTP-server
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Apache Software Foundation heeft kwetsbaarheden verholpen in de Apache HTTP-Server.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, middels een Server-Side-Request-Forgery (SSRF) verkeer te manipuleren, of om code uit te voeren binnen de webserver, waarvoor de kwaadwillende aanvankelijk niet is geautoriseerd.
Oplossingen
Apache Software Foundation heeft updates uitgebracht om de kwetsbaarheden te verhelpen in Apache HTTP-Server 2.4.60. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-116
Improper Encoding or Escaping of Output
CWE-172
Encoding Error
CWE-20
Improper Input Validation
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-284
Improper Access Control
CWE-404
Improper Resource Shutdown or Release
CWE-476
NULL Pointer Dereference
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
CWE-918
Server-Side Request Forgery (SSRF)
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Apache Software Foundation heeft kwetsbaarheden verholpen in de Apache HTTP-Server.", title: "Feiten", }, { category: "description", text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, middels een Server-Side-Request-Forgery (SSRF) verkeer te manipuleren, of om code uit te voeren binnen de webserver, waarvoor de kwaadwillende aanvankelijk niet is geautoriseerd.", title: "Interpretaties", }, { category: "description", text: "Apache Software Foundation heeft updates uitgebracht om de kwetsbaarheden te verhelpen in Apache HTTP-Server 2.4.60. Zie bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, { category: "general", text: "Encoding Error", title: "CWE-172", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "general", text: "Improper Access Control", title: "CWE-284", }, { category: "general", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Inclusion of Functionality from Untrusted Control Sphere", title: "CWE-829", }, { category: "general", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - cveprojectv5; ibm; nvd; redhat", url: "https://httpd.apache.org/security/vulnerabilities_24.html", }, ], title: "Kwetsbaarheden verholpen in Apache HHTP-server", tracking: { current_release_date: "2024-07-02T11:44:22.653047Z", id: "NCSC-2024-0275", initial_release_date: "2024-07-02T11:44:22.653047Z", revision_history: [ { date: "2024-07-02T11:44:22.653047Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "apache_http_server", product: { name: "apache_http_server", product_id: "CSAFPID-1465466", product_identification_helper: { cpe: "cpe:2.3:a:apache_software_foundation:apache_http_server:2.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "apache_http_server", product: { name: "apache_http_server", product_id: "CSAFPID-1491761", product_identification_helper: { cpe: "cpe:2.3:a:apache_software_foundation:apache_http_server:2.4.55:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "apache_http_server", product: { name: "apache_http_server", product_id: "CSAFPID-1491762", product_identification_helper: { cpe: "cpe:2.3:a:apache_software_foundation:apache_http_server:2.4.59:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "apache_software_foundation", }, { branches: [ { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76769", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76761", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76766", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139639", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.11:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76770", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76772", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.13:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139611", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.14:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139603", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139596", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139667", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139663", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139697", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.19:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76762", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139591", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139684", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.21:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139652", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.22:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-96956", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139580", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139628", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139643", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139651", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139623", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.28:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139593", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.29:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76764", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139704", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.30:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139647", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.31:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139728", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.32:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139724", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139584", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139696", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139685", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.36:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139677", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139585", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.38:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139577", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.39:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76767", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139664", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.40:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139675", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.41:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139602", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.42:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139569", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.43:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139689", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.44:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139655", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.45:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139716", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.46:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139737", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.47:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139568", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.48:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139711", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.49:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139589", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139662", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.50:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139619", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.51:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139563", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.52:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139637", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.53:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-140516", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.54:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-142004", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.55:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-1473391", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.56:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-1473393", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.57:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-1473392", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.58:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-1491521", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.59:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76765", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76763", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76771", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76773", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "apache", }, ], }, vulnerabilities: [ { cve: "CVE-2024-36387", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1491761", "CSAFPID-1491762", ], }, references: [ { category: "self", summary: "CVE-2024-36387", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36387.json", }, ], title: "CVE-2024-36387", }, { cve: "CVE-2024-38472", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, ], product_status: { known_affected: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, references: [ { category: "self", summary: "CVE-2024-38472", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38472.json", }, ], title: "CVE-2024-38472", }, { cve: "CVE-2024-38473", cwe: { id: "CWE-172", name: "Encoding Error", }, notes: [ { category: "other", text: "Encoding Error", title: "CWE-172", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, references: [ { category: "self", summary: "CVE-2024-38473", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38473.json", }, ], title: "CVE-2024-38473", }, { cve: "CVE-2024-38474", cwe: { id: "CWE-172", name: "Encoding Error", }, notes: [ { category: "other", text: "Encoding Error", title: "CWE-172", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, references: [ { category: "self", summary: "CVE-2024-38474", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38474.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, ], title: "CVE-2024-38474", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, references: [ { category: "self", summary: "CVE-2024-38475", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, ], title: "CVE-2024-38475", }, { cve: "CVE-2024-38476", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Inclusion of Functionality from Untrusted Control Sphere", title: "CWE-829", }, ], product_status: { known_affected: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, references: [ { category: "self", summary: "CVE-2024-38476", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json", }, ], title: "CVE-2024-38476", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, references: [ { category: "self", summary: "CVE-2024-38477", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38477.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, ], title: "CVE-2024-38477", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, references: [ { category: "self", summary: "CVE-2024-39573", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39573.json", }, ], title: "CVE-2024-39573", }, ], }
ncsc-2024-0275
Vulnerability from csaf_ncscnl
Published
2024-07-02 11:44
Modified
2024-07-02 11:44
Summary
Kwetsbaarheden verholpen in Apache HHTP-server
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Apache Software Foundation heeft kwetsbaarheden verholpen in de Apache HTTP-Server.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, middels een Server-Side-Request-Forgery (SSRF) verkeer te manipuleren, of om code uit te voeren binnen de webserver, waarvoor de kwaadwillende aanvankelijk niet is geautoriseerd.
Oplossingen
Apache Software Foundation heeft updates uitgebracht om de kwetsbaarheden te verhelpen in Apache HTTP-Server 2.4.60. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-116
Improper Encoding or Escaping of Output
CWE-172
Encoding Error
CWE-20
Improper Input Validation
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-284
Improper Access Control
CWE-404
Improper Resource Shutdown or Release
CWE-476
NULL Pointer Dereference
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
CWE-918
Server-Side Request Forgery (SSRF)
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Apache Software Foundation heeft kwetsbaarheden verholpen in de Apache HTTP-Server.", title: "Feiten", }, { category: "description", text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, middels een Server-Side-Request-Forgery (SSRF) verkeer te manipuleren, of om code uit te voeren binnen de webserver, waarvoor de kwaadwillende aanvankelijk niet is geautoriseerd.", title: "Interpretaties", }, { category: "description", text: "Apache Software Foundation heeft updates uitgebracht om de kwetsbaarheden te verhelpen in Apache HTTP-Server 2.4.60. Zie bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, { category: "general", text: "Encoding Error", title: "CWE-172", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "general", text: "Improper Access Control", title: "CWE-284", }, { category: "general", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Inclusion of Functionality from Untrusted Control Sphere", title: "CWE-829", }, { category: "general", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - cveprojectv5; ibm; nvd; redhat", url: "https://httpd.apache.org/security/vulnerabilities_24.html", }, ], title: "Kwetsbaarheden verholpen in Apache HHTP-server", tracking: { current_release_date: "2024-07-02T11:44:22.653047Z", id: "NCSC-2024-0275", initial_release_date: "2024-07-02T11:44:22.653047Z", revision_history: [ { date: "2024-07-02T11:44:22.653047Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "apache_http_server", product: { name: "apache_http_server", product_id: "CSAFPID-1465466", product_identification_helper: { cpe: "cpe:2.3:a:apache_software_foundation:apache_http_server:2.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "apache_http_server", product: { name: "apache_http_server", product_id: "CSAFPID-1491761", product_identification_helper: { cpe: "cpe:2.3:a:apache_software_foundation:apache_http_server:2.4.55:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "apache_http_server", product: { name: "apache_http_server", product_id: "CSAFPID-1491762", product_identification_helper: { cpe: "cpe:2.3:a:apache_software_foundation:apache_http_server:2.4.59:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "apache_software_foundation", }, { branches: [ { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76769", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76761", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76766", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139639", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.11:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76770", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76772", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.13:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139611", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.14:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139603", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139596", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139667", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139663", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139697", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.19:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76762", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139591", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139684", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.21:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139652", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.22:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-96956", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139580", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139628", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139643", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139651", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139623", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.28:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139593", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.29:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76764", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139704", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.30:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139647", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.31:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139728", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.32:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139724", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139584", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139696", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139685", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.36:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139677", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139585", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.38:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139577", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.39:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76767", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139664", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.40:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139675", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.41:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139602", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.42:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139569", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.43:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139689", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.44:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139655", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.45:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139716", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.46:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139737", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.47:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139568", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.48:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139711", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.49:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139589", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139662", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.50:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139619", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.51:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139563", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.52:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-139637", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.53:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-140516", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.54:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-142004", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.55:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-1473391", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.56:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-1473393", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.57:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-1473392", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.58:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-1491521", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.59:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76765", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76763", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76771", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "http_server", product: { name: "http_server", product_id: "CSAFPID-76773", product_identification_helper: { cpe: "cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "apache", }, ], }, vulnerabilities: [ { cve: "CVE-2024-36387", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1491761", "CSAFPID-1491762", ], }, references: [ { category: "self", summary: "CVE-2024-36387", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36387.json", }, ], title: "CVE-2024-36387", }, { cve: "CVE-2024-38472", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, ], product_status: { known_affected: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, references: [ { category: "self", summary: "CVE-2024-38472", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38472.json", }, ], title: "CVE-2024-38472", }, { cve: "CVE-2024-38473", cwe: { id: "CWE-172", name: "Encoding Error", }, notes: [ { category: "other", text: "Encoding Error", title: "CWE-172", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, references: [ { category: "self", summary: "CVE-2024-38473", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38473.json", }, ], title: "CVE-2024-38473", }, { cve: "CVE-2024-38474", cwe: { id: "CWE-172", name: "Encoding Error", }, notes: [ { category: "other", text: "Encoding Error", title: "CWE-172", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, references: [ { category: "self", summary: "CVE-2024-38474", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38474.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, ], title: "CVE-2024-38474", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, references: [ { category: "self", summary: "CVE-2024-38475", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, ], title: "CVE-2024-38475", }, { cve: "CVE-2024-38476", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Inclusion of Functionality from Untrusted Control Sphere", title: "CWE-829", }, ], product_status: { known_affected: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, references: [ { category: "self", summary: "CVE-2024-38476", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json", }, ], title: "CVE-2024-38476", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, references: [ { category: "self", summary: "CVE-2024-38477", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38477.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, ], title: "CVE-2024-38477", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-76769", "CSAFPID-76761", "CSAFPID-76762", "CSAFPID-76764", "CSAFPID-76767", "CSAFPID-76765", "CSAFPID-76763", "CSAFPID-76771", "CSAFPID-76773", "CSAFPID-76766", "CSAFPID-76770", "CSAFPID-139611", "CSAFPID-139596", "CSAFPID-139667", "CSAFPID-139663", "CSAFPID-139697", "CSAFPID-139591", "CSAFPID-139684", "CSAFPID-139652", "CSAFPID-96956", "CSAFPID-139580", "CSAFPID-139628", "CSAFPID-139643", "CSAFPID-139651", "CSAFPID-139623", "CSAFPID-139593", "CSAFPID-139704", "CSAFPID-139724", "CSAFPID-139584", "CSAFPID-139696", "CSAFPID-139677", "CSAFPID-139585", "CSAFPID-139737", "CSAFPID-139711", "CSAFPID-139662", "CSAFPID-139637", "CSAFPID-1465466", "CSAFPID-1491762", ], }, references: [ { category: "self", summary: "CVE-2024-39573", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39573.json", }, ], title: "CVE-2024-39573", }, ], }
ncsc-2024-0411
Vulnerability from csaf_ncscnl
Published
2024-10-17 13:15
Modified
2024-10-17 13:15
Summary
Kwetsbaarheden verholpen in Oracle Database producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipuleren van data
- Toegang tot gevoelige gegevens
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-208
Observable Timing Discrepancy
CWE-776
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE-755
Improper Handling of Exceptional Conditions
CWE-834
Excessive Iteration
CWE-407
Inefficient Algorithmic Complexity
CWE-178
Improper Handling of Case Sensitivity
CWE-732
Incorrect Permission Assignment for Critical Resource
CWE-415
Double Free
CWE-311
Missing Encryption of Sensitive Data
CWE-427
Uncontrolled Search Path Element
CWE-172
Encoding Error
CWE-680
Integer Overflow to Buffer Overflow
CWE-426
Untrusted Search Path
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE-116
Improper Encoding or Escaping of Output
CWE-345
Insufficient Verification of Data Authenticity
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-203
Observable Discrepancy
CWE-190
Integer Overflow or Wraparound
CWE-552
Files or Directories Accessible to External Parties
CWE-639
Authorization Bypass Through User-Controlled Key
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-275
CWE-275
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-416
Use After Free
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-476
NULL Pointer Dereference
CWE-295
Improper Certificate Validation
CWE-668
Exposure of Resource to Wrong Sphere
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-918
Server-Side Request Forgery (SSRF)
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-681
Incorrect Conversion between Numeric Types
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-269
Improper Privilege Management
CWE-20
Improper Input Validation
CWE-87
Improper Neutralization of Alternate XSS Syntax
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-18
CWE-18
CWE-385
Covert Timing Channel
CWE-606
Unchecked Input for Loop Condition
CWE-192
Integer Coercion Error
CWE-390
Detection of Error Condition Without Action
CWE-1325
Improperly Controlled Sequential Memory Allocation
CWE-222
Truncation of Security-relevant Information
CWE-131
Incorrect Calculation of Buffer Size
CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE-304
Missing Critical Step in Authentication
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.", title: "Feiten", }, { category: "description", text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van data\n- Toegang tot gevoelige gegevens", title: "Interpretaties", }, { category: "description", text: "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, { category: "general", text: "Observable Timing Discrepancy", title: "CWE-208", }, { category: "general", text: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", title: "CWE-776", }, { category: "general", text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", title: "CWE-88", }, { category: "general", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "general", text: "Excessive Iteration", title: "CWE-834", }, { category: "general", text: "Inefficient Algorithmic Complexity", title: "CWE-407", }, { category: "general", text: "Improper Handling of Case Sensitivity", title: "CWE-178", }, { category: "general", text: "Incorrect Permission Assignment for Critical Resource", title: "CWE-732", }, { category: "general", text: "Double Free", title: "CWE-415", }, { category: "general", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, { category: "general", text: "Uncontrolled Search Path Element", title: "CWE-427", }, { category: "general", text: "Encoding Error", title: "CWE-172", }, { category: "general", text: "Integer Overflow to Buffer Overflow", title: "CWE-680", }, { category: "general", text: "Untrusted Search Path", title: "CWE-426", }, { category: "general", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, { category: "general", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, { category: "general", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, { category: "general", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, { category: "general", text: "Observable Discrepancy", title: "CWE-203", }, { category: "general", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "general", text: "Files or Directories Accessible to External Parties", title: "CWE-552", }, { category: "general", text: "Authorization Bypass Through User-Controlled Key", title: "CWE-639", }, { category: "general", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "CWE-275", title: "CWE-275", }, { category: "general", text: "Improper Access Control", title: "CWE-284", }, { category: "general", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "general", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, { category: "general", text: "Use After Free", title: "CWE-416", }, { category: "general", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Improper Certificate Validation", title: "CWE-295", }, { category: "general", text: "Exposure of Resource to Wrong Sphere", title: "CWE-668", }, { category: "general", text: "Inclusion of Functionality from Untrusted Control Sphere", title: "CWE-829", }, { category: "general", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, { category: "general", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "general", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "general", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "general", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "general", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "general", text: "Stack-based Buffer Overflow", title: "CWE-121", }, { category: "general", text: "Incorrect Conversion between Numeric Types", title: "CWE-681", }, { category: "general", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, { category: "general", text: "Improper Privilege Management", title: "CWE-269", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "Improper Neutralization of Alternate XSS Syntax", title: "CWE-87", }, { category: "general", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, { category: "general", text: "CWE-18", title: "CWE-18", }, { category: "general", text: "Covert Timing Channel", title: "CWE-385", }, { category: "general", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "general", text: "Integer Coercion Error", title: "CWE-192", }, { category: "general", text: "Detection of Error Condition Without Action", title: "CWE-390", }, { category: "general", text: "Improperly Controlled Sequential Memory Allocation", title: "CWE-1325", }, { category: "general", text: "Truncation of Security-relevant Information", title: "CWE-222", }, { category: "general", text: "Incorrect Calculation of Buffer Size", title: "CWE-131", }, { category: "general", text: "Improper Link Resolution Before File Access ('Link Following')", title: "CWE-59", }, { category: "general", text: "Missing Critical Step in Authentication", title: "CWE-304", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - cveprojectv5; hkcert; nvd; oracle; redhat", url: "https://www.oracle.com/security-alerts/cpuoct2024.html", }, ], title: "Kwetsbaarheden verholpen in Oracle Database producten", tracking: { current_release_date: "2024-10-17T13:15:19.595269Z", id: "NCSC-2024-0411", initial_release_date: "2024-10-17T13:15:19.595269Z", revision_history: [ { date: "2024-10-17T13:15:19.595269Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "database_-_grid", product: { name: "database_-_grid", product_id: "CSAFPID-1673504", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_grid:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_grid", product: { name: "database_-_grid", product_id: "CSAFPID-1673506", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_grid:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_core", product: { name: "database_-_core", product_id: "CSAFPID-1673386", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_core", product: { name: "database_-_core", product_id: "CSAFPID-1673385", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_core", product: { name: "database_-_core", product_id: "CSAFPID-1673442", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_security", product: { name: "database_-_security", product_id: "CSAFPID-1673507", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_security:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_security", product: { name: "database_-_security", product_id: "CSAFPID-1673509", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_security:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_security", product: { name: "database_-_security", product_id: "CSAFPID-1673508", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_security:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph_mapviewer", product: { name: "spatial_and_graph_mapviewer", product_id: "CSAFPID-912561", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-764250", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-1673511", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-1673512", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-816800", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-1673529", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "fleet_patching_and_provisioning_-_micronaut", product: { name: "fleet_patching_and_provisioning_-_micronaut", product_id: "CSAFPID-1673492", product_identification_helper: { cpe: "cpe:2.3:a:oracle:fleet_patching_and_provisioning_-_micronaut:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "fleet_patching_and_provisioning", product: { name: "fleet_patching_and_provisioning", product_id: "CSAFPID-1503603", product_identification_helper: { cpe: "cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_xml_database", product: { name: "database_-_xml_database", product_id: "CSAFPID-1673445", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_xml_database:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_xml_database", product: { name: "database_-_xml_database", product_id: "CSAFPID-1673443", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_xml_database:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_xml_database", product: { name: "database_-_xml_database", product_id: "CSAFPID-1673444", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_xml_database:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_java_vm", product: { name: "database_-_java_vm", product_id: "CSAFPID-1673451", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_java_vm", product: { name: "database_-_java_vm", product_id: "CSAFPID-1673450", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_java_vm", product: { name: "database_-_java_vm", product_id: "CSAFPID-1673452", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-816798", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-816799", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-1673525", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:prior_to_24.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912046", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-1503299", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816855", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816361", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912045", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-1503302", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912044", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-1503306", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816852", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912600", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816853", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912601", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816854", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sqlcl", product: { name: "sqlcl", product_id: "CSAFPID-816801", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sqlcl", product: { name: "sqlcl", product_id: "CSAFPID-1673405", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sqlcl:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express_administration", product: { name: "application_express_administration", product_id: "CSAFPID-764731", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express_customers_plugin", product: { name: "application_express_customers_plugin", product_id: "CSAFPID-764732", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express_team_calendar_plugin", product: { name: "application_express_team_calendar_plugin", product_id: "CSAFPID-764733", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express", product: { name: "application_express", product_id: "CSAFPID-266119", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express", product: { name: "application_express", product_id: "CSAFPID-1673510", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express:23.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express", product: { name: "application_express", product_id: "CSAFPID-1503575", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express", product: { name: "application_express", product_id: "CSAFPID-1673188", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-765238", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-765239", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "blockchain_platform", product: { name: "blockchain_platform", product_id: "CSAFPID-764779", product_identification_helper: { cpe: "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "blockchain_platform", product: { name: "blockchain_platform", product_id: "CSAFPID-89587", product_identification_helper: { cpe: "cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-765259", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:_security_and_provisioning___21.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-187448", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-94075", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-220886", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-611394", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-816317", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-912567", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-1503612", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-1673479", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_essbase", product: { name: "oracle_essbase", product_id: "CSAFPID-1650506", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_essbase:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data_and_application_adapters", product: { name: "goldengate_big_data_and_application_adapters", product_id: "CSAFPID-816845", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data_and_application_adapters", product: { name: "goldengate_big_data_and_application_adapters", product_id: "CSAFPID-1650825", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data_and_application_adapters", product: { name: "goldengate_big_data_and_application_adapters", product_id: "CSAFPID-1673404", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data_and_application_adapters", product: { name: "goldengate_big_data_and_application_adapters", product_id: "CSAFPID-1650831", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3-21.14.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data", product: { name: "goldengate_big_data", product_id: "CSAFPID-764274", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_stream_analytics", product: { name: "goldengate_stream_analytics", product_id: "CSAFPID-764752", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_stream_analytics", product: { name: "goldengate_stream_analytics", product_id: "CSAFPID-1673384", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_stream_analytics", product: { name: "goldengate_stream_analytics", product_id: "CSAFPID-220192", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_stream_analytics", product: { name: "goldengate_stream_analytics", product_id: "CSAFPID-220193", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.7:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_studio", product: { name: "goldengate_studio", product_id: "CSAFPID-816846", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_studio", product: { name: "goldengate_studio", product_id: "CSAFPID-611390", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_studio", product: { name: "goldengate_studio", product_id: "CSAFPID-764803", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_veridata", product: { name: "goldengate_veridata", product_id: "CSAFPID-764275", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-342816", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1650767", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.23.0.0.240716:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-485902", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:19.1.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1503736", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:19.23.0.0.240716:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-219912", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1503739", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:21.14:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1650765", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:21.3-21.14:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1503738", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:21.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_goldengate_stream_analytics", product: { name: "oracle_goldengate_stream_analytics", product_id: "CSAFPID-1650515", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_goldengate_stream_analytics:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "management_pack_for__goldengate", product: { name: "management_pack_for__goldengate", product_id: "CSAFPID-764861", product_identification_helper: { cpe: "cpe:2.3:a:oracle:management_pack_for__goldengate:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "management_pack_for__goldengate", product: { name: "management_pack_for__goldengate", product_id: "CSAFPID-1503640", product_identification_helper: { cpe: "cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_goldengate_studio", product: { name: "oracle_goldengate_studio", product_id: "CSAFPID-1650835", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_goldengate_studio:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_goldengate", product: { name: "oracle_goldengate", product_id: "CSAFPID-1650575", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_goldengate:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764813", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1503661", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1503663", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673497", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764764", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764765", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673491", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:20.3.40:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764766", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673495", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:21.2.71:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764767", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673493", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:22.3.45:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673489", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:23.3.33:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673488", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:24.1.17:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650757", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_19.5.42:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650758", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_20.3.40:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650761", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_21.2.27:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650760", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_22.3.46:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650759", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_23.3.32:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_nosql_database", product: { name: "oracle_nosql_database", product_id: "CSAFPID-1650584", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_nosql_database:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_secure_backup", product: { name: "oracle_secure_backup", product_id: "CSAFPID-1650563", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_secure_backup:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "secure_backup", product: { name: "secure_backup", product_id: "CSAFPID-667692", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "secure_backup", product: { name: "secure_backup", product_id: "CSAFPID-345049", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "secure_backup", product: { name: "secure_backup", product_id: "CSAFPID-611417", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "secure_backup", product: { name: "secure_backup", product_id: "CSAFPID-1673422", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_sql_developer", product: { name: "oracle_sql_developer", product_id: "CSAFPID-1650638", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_sql_developer:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-764822", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-220643", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-816870", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-816871", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-1673397", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "oracle", }, { branches: [ { category: "product_name", name: "oracle_application_express", product: { name: "oracle_application_express", product_id: "CSAFPID-1673144", product_identification_helper: { cpe: "cpe:2.3:a:oracle_corporation:oracle_application_express:24.1:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "oracle_corporation", }, ], }, vulnerabilities: [ { cve: "CVE-2022-1471", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-220886", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764822", "CSAFPID-1650515", "CSAFPID-1650638", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-89587", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", ], }, references: [ { category: "self", summary: "CVE-2022-1471", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-1471.json", }, ], title: "CVE-2022-1471", }, { cve: "CVE-2022-34169", cwe: { id: "CWE-192", name: "Integer Coercion Error", }, notes: [ { category: "other", text: "Integer Coercion Error", title: "CWE-192", }, { category: "other", text: "Incorrect Conversion between Numeric Types", title: "CWE-681", }, ], product_status: { known_affected: [ "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-342816", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-764861", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-219912", "CSAFPID-765238", "CSAFPID-765239", "CSAFPID-765259", "CSAFPID-667692", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2022-34169", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34169.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-342816", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-764861", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-219912", "CSAFPID-765238", "CSAFPID-765239", "CSAFPID-765259", "CSAFPID-667692", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2022-34169", }, { cve: "CVE-2022-36033", cwe: { id: "CWE-87", name: "Improper Neutralization of Alternate XSS Syntax", }, notes: [ { category: "other", text: "Improper Neutralization of Alternate XSS Syntax", title: "CWE-87", }, { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-220886", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764861", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-219912", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-667692", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-1503575", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2022-36033", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36033.json", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-220886", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764861", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-219912", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-667692", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-1503575", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2022-36033", }, { cve: "CVE-2022-37454", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "other", text: "Integer Overflow to Buffer Overflow", title: "CWE-680", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-1650563", "CSAFPID-89587", "CSAFPID-764861", ], }, references: [ { category: "self", summary: "CVE-2022-37454", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-37454.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-1650563", "CSAFPID-89587", "CSAFPID-764861", ], }, ], title: "CVE-2022-37454", }, { cve: "CVE-2022-38136", product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2022-38136", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38136.json", }, ], title: "CVE-2022-38136", }, { cve: "CVE-2022-40196", product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2022-40196", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40196.json", }, ], title: "CVE-2022-40196", }, { cve: "CVE-2022-41342", product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2022-41342", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41342.json", }, ], title: "CVE-2022-41342", }, { cve: "CVE-2022-42919", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "other", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, { category: "other", text: "Improper Privilege Management", title: "CWE-269", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2022-42919", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42919.json", }, ], title: "CVE-2022-42919", }, { cve: "CVE-2022-45061", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Inefficient Algorithmic Complexity", title: "CWE-407", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2022-45061", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45061.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587", ], }, ], title: "CVE-2022-45061", }, { cve: "CVE-2022-46337", product_status: { known_affected: [ "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", ], }, references: [ { category: "self", summary: "CVE-2022-46337", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-46337.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", ], }, ], title: "CVE-2022-46337", }, { cve: "CVE-2023-2976", cwe: { id: "CWE-552", name: "Files or Directories Accessible to External Parties", }, notes: [ { category: "other", text: "Files or Directories Accessible to External Parties", title: "CWE-552", }, ], product_status: { known_affected: [ "CSAFPID-1650584", "CSAFPID-1650835", "CSAFPID-1650506", "CSAFPID-1650515", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-89587", "CSAFPID-1673397", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-345049", "CSAFPID-816801", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764250", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-2976", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1650584", "CSAFPID-1650835", "CSAFPID-1650506", "CSAFPID-1650515", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-89587", "CSAFPID-1673397", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-345049", "CSAFPID-816801", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764250", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-2976", }, { cve: "CVE-2023-4043", cwe: { id: "CWE-834", name: "Excessive Iteration", }, notes: [ { category: "other", text: "Excessive Iteration", title: "CWE-834", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1673405", "CSAFPID-1673397", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-4043", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673405", "CSAFPID-1673397", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-4043", }, { cve: "CVE-2023-4759", cwe: { id: "CWE-59", name: "Improper Link Resolution Before File Access ('Link Following')", }, notes: [ { category: "other", text: "Improper Link Resolution Before File Access ('Link Following')", title: "CWE-59", }, { category: "other", text: "Improper Handling of Case Sensitivity", title: "CWE-178", }, ], product_status: { known_affected: [ "CSAFPID-1673397", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-4759", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673397", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-4759", }, { cve: "CVE-2023-4863", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", ], }, references: [ { category: "self", summary: "CVE-2023-4863", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4863.json", }, ], title: "CVE-2023-4863", }, { cve: "CVE-2023-5072", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1650575", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-5072", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5072.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1650575", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-5072", }, { cve: "CVE-2023-26031", cwe: { id: "CWE-426", name: "Untrusted Search Path", }, notes: [ { category: "other", text: "Untrusted Search Path", title: "CWE-426", }, ], product_status: { known_affected: [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-26031", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-26031", }, { cve: "CVE-2023-26551", product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26551", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26551.json", }, ], scores: [ { cvss_v3: { baseScore: 0, baseSeverity: "NONE", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26551", }, { cve: "CVE-2023-26552", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26552", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26552.json", }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26552", }, { cve: "CVE-2023-26553", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26553", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26553.json", }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26553", }, { cve: "CVE-2023-26554", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26554", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26554.json", }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26554", }, { cve: "CVE-2023-26555", product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26555", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26555.json", }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26555", }, { cve: "CVE-2023-28484", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-816317", "CSAFPID-764813", "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, references: [ { category: "self", summary: "CVE-2023-28484", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28484.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-764250", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-816317", "CSAFPID-764813", "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, ], title: "CVE-2023-28484", }, { cve: "CVE-2023-29469", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Double Free", title: "CWE-415", }, ], product_status: { known_affected: [ "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-816317", "CSAFPID-89587", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764250", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, references: [ { category: "self", summary: "CVE-2023-29469", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29469.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-816317", "CSAFPID-89587", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764250", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, ], title: "CVE-2023-29469", }, { cve: "CVE-2023-33201", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-1650584", "CSAFPID-1673397", "CSAFPID-912561", "CSAFPID-345049", "CSAFPID-611390", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-33201", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33201.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-1650584", "CSAFPID-1673397", "CSAFPID-912561", "CSAFPID-345049", "CSAFPID-611390", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-33201", }, { cve: "CVE-2023-37920", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "other", text: "Improper Certificate Validation", title: "CWE-295", }, { category: "other", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", ], }, references: [ { category: "self", summary: "CVE-2023-37920", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", ], }, ], title: "CVE-2023-37920", }, { cve: "CVE-2023-39410", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1673404", "CSAFPID-1673384", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, references: [ { category: "self", summary: "CVE-2023-39410", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673404", "CSAFPID-1673384", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, ], title: "CVE-2023-39410", }, { cve: "CVE-2023-44487", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503603", "CSAFPID-1503575", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-44487", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503603", "CSAFPID-1503575", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-44487", }, { cve: "CVE-2023-44981", cwe: { id: "CWE-639", name: "Authorization Bypass Through User-Controlled Key", }, notes: [ { category: "other", text: "Authorization Bypass Through User-Controlled Key", title: "CWE-639", }, ], product_status: { known_affected: [ "CSAFPID-1650515", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", ], }, references: [ { category: "self", summary: "CVE-2023-44981", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44981.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1650515", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", ], }, ], title: "CVE-2023-44981", }, { cve: "CVE-2023-45288", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-45288", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45288.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-45288", }, { cve: "CVE-2023-48795", cwe: { id: "CWE-222", name: "Truncation of Security-relevant Information", }, notes: [ { category: "other", text: "Truncation of Security-relevant Information", title: "CWE-222", }, ], product_status: { known_affected: [ "CSAFPID-1650765", "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650767", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-48795", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1650765", "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650767", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-48795", }, { cve: "CVE-2023-49083", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-49083", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49083.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-49083", }, { cve: "CVE-2023-51384", cwe: { id: "CWE-304", name: "Missing Critical Step in Authentication", }, notes: [ { category: "other", text: "Missing Critical Step in Authentication", title: "CWE-304", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-51384", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51384.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-51384", }, { cve: "CVE-2023-51385", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-51385", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51385.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-51385", }, { cve: "CVE-2023-52425", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-52425", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-52425", }, { cve: "CVE-2023-52426", cwe: { id: "CWE-776", name: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", }, notes: [ { category: "other", text: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", title: "CWE-776", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-52426", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52426.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-52426", }, { cve: "CVE-2024-1874", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-1874", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1874.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-1874", }, { cve: "CVE-2024-2408", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "other", text: "Observable Discrepancy", title: "CWE-203", }, { category: "other", text: "Observable Timing Discrepancy", title: "CWE-208", }, { category: "other", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, { category: "other", text: "Covert Timing Channel", title: "CWE-385", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-2408", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2408.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-2408", }, { cve: "CVE-2024-2511", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improperly Controlled Sequential Memory Allocation", title: "CWE-1325", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-2511", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-2511", }, { cve: "CVE-2024-4577", cwe: { id: "CWE-88", name: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", title: "CWE-88", }, { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-4577", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-4577", }, { cve: "CVE-2024-4603", cwe: { id: "CWE-606", name: "Unchecked Input for Loop Condition", }, notes: [ { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-4603", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-4603", }, { cve: "CVE-2024-4741", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-4741", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-4741", }, { cve: "CVE-2024-5458", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-5458", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5458.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-5458", }, { cve: "CVE-2024-5535", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, ], product_status: { known_affected: [ "CSAFPID-1673508", "CSAFPID-1673525", ], }, references: [ { category: "self", summary: "CVE-2024-5535", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673508", "CSAFPID-1673525", ], }, ], title: "CVE-2024-5535", }, { cve: "CVE-2024-5585", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, notes: [ { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "other", text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", title: "CWE-88", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-5585", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-5585", }, { cve: "CVE-2024-6119", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "other", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, ], product_status: { known_affected: [ "CSAFPID-1673508", "CSAFPID-1673525", ], }, references: [ { category: "self", summary: "CVE-2024-6119", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673508", "CSAFPID-1673525", ], }, ], title: "CVE-2024-6119", }, { cve: "CVE-2024-6232", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "other", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, ], references: [ { category: "self", summary: "CVE-2024-6232", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json", }, ], title: "CVE-2024-6232", }, { cve: "CVE-2024-7264", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1673529", "CSAFPID-1673479", "CSAFPID-1673511", "CSAFPID-1673512", ], }, references: [ { category: "self", summary: "CVE-2024-7264", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673529", "CSAFPID-1673479", "CSAFPID-1673511", "CSAFPID-1673512", ], }, ], title: "CVE-2024-7264", }, { cve: "CVE-2024-7592", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], references: [ { category: "self", summary: "CVE-2024-7592", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json", }, ], title: "CVE-2024-7592", }, { cve: "CVE-2024-21131", product_status: { known_affected: [ "CSAFPID-1503299", "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21131", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21131.json", }, ], title: "CVE-2024-21131", }, { cve: "CVE-2024-21138", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "other", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, ], product_status: { known_affected: [ "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21138", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21138.json", }, ], title: "CVE-2024-21138", }, { cve: "CVE-2024-21140", product_status: { known_affected: [ "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503299", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21140", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21140.json", }, ], title: "CVE-2024-21140", }, { cve: "CVE-2024-21144", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21144", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21144.json", }, ], title: "CVE-2024-21144", }, { cve: "CVE-2024-21145", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1503299", "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21145", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21145.json", }, ], title: "CVE-2024-21145", }, { cve: "CVE-2024-21147", product_status: { known_affected: [ "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503299", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21147", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21147.json", }, ], title: "CVE-2024-21147", }, { cve: "CVE-2024-21233", product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-21233", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21233.json", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-21233", }, { cve: "CVE-2024-21242", product_status: { known_affected: [ "CSAFPID-1673443", "CSAFPID-1673444", "CSAFPID-1673445", ], }, references: [ { category: "self", summary: "CVE-2024-21242", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21242.json", }, ], scores: [ { cvss_v3: { baseScore: 3.5, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-1673443", "CSAFPID-1673444", "CSAFPID-1673445", ], }, ], title: "CVE-2024-21242", }, { cve: "CVE-2024-21251", product_status: { known_affected: [ "CSAFPID-1673450", "CSAFPID-1673451", "CSAFPID-1673452", ], }, references: [ { category: "self", summary: "CVE-2024-21251", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21251.json", }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673450", "CSAFPID-1673451", "CSAFPID-1673452", ], }, ], title: "CVE-2024-21251", }, { cve: "CVE-2024-21261", product_status: { known_affected: [ "CSAFPID-1673144", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-21261", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21261.json", }, ], scores: [ { cvss_v3: { baseScore: 4.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673144", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-21261", }, { cve: "CVE-2024-22018", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-22018", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22018.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-22018", }, { cve: "CVE-2024-22020", product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-22020", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-22020", }, { cve: "CVE-2024-22201", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673384", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-22201", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673384", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-22201", }, { cve: "CVE-2024-23807", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1650831", "CSAFPID-1650825", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-23807", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1650831", "CSAFPID-1650825", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-23807", }, { cve: "CVE-2024-23944", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-23944", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23944.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-23944", }, { cve: "CVE-2024-24989", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-24989", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24989.json", }, ], title: "CVE-2024-24989", }, { cve: "CVE-2024-24990", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-24990", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24990.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-24990", }, { cve: "CVE-2024-25710", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "other", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-912046", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-25710", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-912046", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-25710", }, { cve: "CVE-2024-26130", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-26130", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-26130", }, { cve: "CVE-2024-26308", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-26308", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-26308", }, { cve: "CVE-2024-27983", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-27983", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27983.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-27983", }, { cve: "CVE-2024-28182", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Detection of Error Condition Without Action", title: "CWE-390", }, { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1673442", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-28182", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673442", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-28182", }, { cve: "CVE-2024-28849", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-28849", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-28849", }, { cve: "CVE-2024-28887", cwe: { id: "CWE-427", name: "Uncontrolled Search Path Element", }, notes: [ { category: "other", text: "Uncontrolled Search Path Element", title: "CWE-427", }, ], product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-28887", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28887.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-28887", }, { cve: "CVE-2024-29025", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1673488", "CSAFPID-1673489", "CSAFPID-1673491", "CSAFPID-1673492", "CSAFPID-1673493", "CSAFPID-1673495", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-29025", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1673488", "CSAFPID-1673489", "CSAFPID-1673491", "CSAFPID-1673492", "CSAFPID-1673493", "CSAFPID-1673495", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-29025", }, { cve: "CVE-2024-29131", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-29131", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-29131", }, { cve: "CVE-2024-29133", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-29133", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-29133", }, { cve: "CVE-2024-31079", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Stack-based Buffer Overflow", title: "CWE-121", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-31079", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31079.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-31079", }, { cve: "CVE-2024-32760", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-32760", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-32760", }, { cve: "CVE-2024-34161", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "other", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-34161", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34161.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-34161", }, { cve: "CVE-2024-34750", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, notes: [ { category: "other", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673504", "CSAFPID-1673506", ], }, references: [ { category: "self", summary: "CVE-2024-34750", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673504", "CSAFPID-1673506", ], }, ], title: "CVE-2024-34750", }, { cve: "CVE-2024-35200", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-35200", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35200.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-35200", }, { cve: "CVE-2024-36137", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, { category: "other", text: "Incorrect Permission Assignment for Critical Resource", title: "CWE-732", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-36137", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36137.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-36137", }, { cve: "CVE-2024-36138", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-36138", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36138.json", }, ], title: "CVE-2024-36138", }, { cve: "CVE-2024-36387", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-36387", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36387.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-36387", }, { cve: "CVE-2024-37370", cwe: { id: "CWE-130", name: "Improper Handling of Length Parameter Inconsistency", }, notes: [ { category: "other", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, ], product_status: { known_affected: [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509", ], }, references: [ { category: "self", summary: "CVE-2024-37370", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37370.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509", ], }, ], title: "CVE-2024-37370", }, { cve: "CVE-2024-37371", cwe: { id: "CWE-130", name: "Improper Handling of Length Parameter Inconsistency", }, notes: [ { category: "other", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, ], product_status: { known_affected: [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509", ], }, references: [ { category: "self", summary: "CVE-2024-37371", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509", ], }, ], title: "CVE-2024-37371", }, { cve: "CVE-2024-37372", product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-37372", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37372.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-37372", }, { cve: "CVE-2024-38356", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-38356", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38356.json", }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-38356", }, { cve: "CVE-2024-38357", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-38357", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38357.json", }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-38357", }, { cve: "CVE-2024-38472", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38472", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38472.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38472", }, { cve: "CVE-2024-38473", cwe: { id: "CWE-172", name: "Encoding Error", }, notes: [ { category: "other", text: "Encoding Error", title: "CWE-172", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38473", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38473.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38473", }, { cve: "CVE-2024-38474", cwe: { id: "CWE-172", name: "Encoding Error", }, notes: [ { category: "other", text: "Encoding Error", title: "CWE-172", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38474", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38474.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38474", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38475", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38475", }, { cve: "CVE-2024-38476", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Inclusion of Functionality from Untrusted Control Sphere", title: "CWE-829", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38476", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38476", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38477", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38477.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38477", }, { cve: "CVE-2024-38998", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, notes: [ { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-38998", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-38998", }, { cve: "CVE-2024-38999", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, notes: [ { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-38999", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json", }, ], scores: [ { cvss_v3: { baseScore: 10, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-38999", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-39573", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39573.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-39573", }, { cve: "CVE-2024-39884", cwe: { id: "CWE-18", name: "-", }, notes: [ { category: "other", text: "CWE-18", title: "CWE-18", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-39884", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39884.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-39884", }, { cve: "CVE-2024-40725", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Exposure of Resource to Wrong Sphere", title: "CWE-668", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", ], }, references: [ { category: "self", summary: "CVE-2024-40725", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40725.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", ], }, ], title: "CVE-2024-40725", }, { cve: "CVE-2024-40898", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", ], }, references: [ { category: "self", summary: "CVE-2024-40898", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", ], }, ], title: "CVE-2024-40898", }, { cve: "CVE-2024-45490", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "other", text: "Incorrect Calculation of Buffer Size", title: "CWE-131", }, ], product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-45490", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-45490", }, { cve: "CVE-2024-45491", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-45491", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-45491", }, { cve: "CVE-2024-45492", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-45492", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-45492", }, { cve: "CVE-2024-45801", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "other", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-45801", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-45801", }, ], }
NCSC-2024-0411
Vulnerability from csaf_ncscnl
Published
2024-10-17 13:15
Modified
2024-10-17 13:15
Summary
Kwetsbaarheden verholpen in Oracle Database producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipuleren van data
- Toegang tot gevoelige gegevens
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-208
Observable Timing Discrepancy
CWE-776
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE-755
Improper Handling of Exceptional Conditions
CWE-834
Excessive Iteration
CWE-407
Inefficient Algorithmic Complexity
CWE-178
Improper Handling of Case Sensitivity
CWE-732
Incorrect Permission Assignment for Critical Resource
CWE-415
Double Free
CWE-311
Missing Encryption of Sensitive Data
CWE-427
Uncontrolled Search Path Element
CWE-172
Encoding Error
CWE-680
Integer Overflow to Buffer Overflow
CWE-426
Untrusted Search Path
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE-116
Improper Encoding or Escaping of Output
CWE-345
Insufficient Verification of Data Authenticity
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-203
Observable Discrepancy
CWE-190
Integer Overflow or Wraparound
CWE-552
Files or Directories Accessible to External Parties
CWE-639
Authorization Bypass Through User-Controlled Key
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-275
CWE-275
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-416
Use After Free
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-476
NULL Pointer Dereference
CWE-295
Improper Certificate Validation
CWE-668
Exposure of Resource to Wrong Sphere
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-918
Server-Side Request Forgery (SSRF)
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-681
Incorrect Conversion between Numeric Types
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-269
Improper Privilege Management
CWE-20
Improper Input Validation
CWE-87
Improper Neutralization of Alternate XSS Syntax
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-18
CWE-18
CWE-385
Covert Timing Channel
CWE-606
Unchecked Input for Loop Condition
CWE-192
Integer Coercion Error
CWE-390
Detection of Error Condition Without Action
CWE-1325
Improperly Controlled Sequential Memory Allocation
CWE-222
Truncation of Security-relevant Information
CWE-131
Incorrect Calculation of Buffer Size
CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE-304
Missing Critical Step in Authentication
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.", title: "Feiten", }, { category: "description", text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van data\n- Toegang tot gevoelige gegevens", title: "Interpretaties", }, { category: "description", text: "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, { category: "general", text: "Observable Timing Discrepancy", title: "CWE-208", }, { category: "general", text: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", title: "CWE-776", }, { category: "general", text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", title: "CWE-88", }, { category: "general", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "general", text: "Excessive Iteration", title: "CWE-834", }, { category: "general", text: "Inefficient Algorithmic Complexity", title: "CWE-407", }, { category: "general", text: "Improper Handling of Case Sensitivity", title: "CWE-178", }, { category: "general", text: "Incorrect Permission Assignment for Critical Resource", title: "CWE-732", }, { category: "general", text: "Double Free", title: "CWE-415", }, { category: "general", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, { category: "general", text: "Uncontrolled Search Path Element", title: "CWE-427", }, { category: "general", text: "Encoding Error", title: "CWE-172", }, { category: "general", text: "Integer Overflow to Buffer Overflow", title: "CWE-680", }, { category: "general", text: "Untrusted Search Path", title: "CWE-426", }, { category: "general", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, { category: "general", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, { category: "general", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, { category: "general", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, { category: "general", text: "Observable Discrepancy", title: "CWE-203", }, { category: "general", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "general", text: "Files or Directories Accessible to External Parties", title: "CWE-552", }, { category: "general", text: "Authorization Bypass Through User-Controlled Key", title: "CWE-639", }, { category: "general", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "CWE-275", title: "CWE-275", }, { category: "general", text: "Improper Access Control", title: "CWE-284", }, { category: "general", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "general", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, { category: "general", text: "Use After Free", title: "CWE-416", }, { category: "general", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Improper Certificate Validation", title: "CWE-295", }, { category: "general", text: "Exposure of Resource to Wrong Sphere", title: "CWE-668", }, { category: "general", text: "Inclusion of Functionality from Untrusted Control Sphere", title: "CWE-829", }, { category: "general", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, { category: "general", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "general", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "general", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "general", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "general", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "general", text: "Stack-based Buffer Overflow", title: "CWE-121", }, { category: "general", text: "Incorrect Conversion between Numeric Types", title: "CWE-681", }, { category: "general", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, { category: "general", text: "Improper Privilege Management", title: "CWE-269", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "Improper Neutralization of Alternate XSS Syntax", title: "CWE-87", }, { category: "general", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, { category: "general", text: "CWE-18", title: "CWE-18", }, { category: "general", text: "Covert Timing Channel", title: "CWE-385", }, { category: "general", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "general", text: "Integer Coercion Error", title: "CWE-192", }, { category: "general", text: "Detection of Error Condition Without Action", title: "CWE-390", }, { category: "general", text: "Improperly Controlled Sequential Memory Allocation", title: "CWE-1325", }, { category: "general", text: "Truncation of Security-relevant Information", title: "CWE-222", }, { category: "general", text: "Incorrect Calculation of Buffer Size", title: "CWE-131", }, { category: "general", text: "Improper Link Resolution Before File Access ('Link Following')", title: "CWE-59", }, { category: "general", text: "Missing Critical Step in Authentication", title: "CWE-304", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - cveprojectv5; hkcert; nvd; oracle; redhat", url: "https://www.oracle.com/security-alerts/cpuoct2024.html", }, ], title: "Kwetsbaarheden verholpen in Oracle Database producten", tracking: { current_release_date: "2024-10-17T13:15:19.595269Z", id: "NCSC-2024-0411", initial_release_date: "2024-10-17T13:15:19.595269Z", revision_history: [ { date: "2024-10-17T13:15:19.595269Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "database_-_grid", product: { name: "database_-_grid", product_id: "CSAFPID-1673504", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_grid:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_grid", product: { name: "database_-_grid", product_id: "CSAFPID-1673506", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_grid:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_core", product: { name: "database_-_core", product_id: "CSAFPID-1673386", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_core", product: { name: "database_-_core", product_id: "CSAFPID-1673385", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_core", product: { name: "database_-_core", product_id: "CSAFPID-1673442", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_security", product: { name: "database_-_security", product_id: "CSAFPID-1673507", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_security:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_security", product: { name: "database_-_security", product_id: "CSAFPID-1673509", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_security:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_security", product: { name: "database_-_security", product_id: "CSAFPID-1673508", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_security:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph_mapviewer", product: { name: "spatial_and_graph_mapviewer", product_id: "CSAFPID-912561", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-764250", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-1673511", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-1673512", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-816800", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-1673529", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "fleet_patching_and_provisioning_-_micronaut", product: { name: "fleet_patching_and_provisioning_-_micronaut", product_id: "CSAFPID-1673492", product_identification_helper: { cpe: "cpe:2.3:a:oracle:fleet_patching_and_provisioning_-_micronaut:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "fleet_patching_and_provisioning", product: { name: "fleet_patching_and_provisioning", product_id: "CSAFPID-1503603", product_identification_helper: { cpe: "cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_xml_database", product: { name: "database_-_xml_database", product_id: "CSAFPID-1673445", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_xml_database:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_xml_database", product: { name: "database_-_xml_database", product_id: "CSAFPID-1673443", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_xml_database:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_xml_database", product: { name: "database_-_xml_database", product_id: "CSAFPID-1673444", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_xml_database:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_java_vm", product: { name: "database_-_java_vm", product_id: "CSAFPID-1673451", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_java_vm", product: { name: "database_-_java_vm", product_id: "CSAFPID-1673450", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_java_vm", product: { name: "database_-_java_vm", product_id: "CSAFPID-1673452", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-816798", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-816799", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-1673525", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:prior_to_24.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912046", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-1503299", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816855", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816361", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912045", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-1503302", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912044", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-1503306", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816852", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912600", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816853", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912601", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816854", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sqlcl", product: { name: "sqlcl", product_id: "CSAFPID-816801", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sqlcl", product: { name: "sqlcl", product_id: "CSAFPID-1673405", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sqlcl:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express_administration", product: { name: "application_express_administration", product_id: "CSAFPID-764731", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express_customers_plugin", product: { name: "application_express_customers_plugin", product_id: "CSAFPID-764732", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express_team_calendar_plugin", product: { name: "application_express_team_calendar_plugin", product_id: "CSAFPID-764733", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express", product: { name: "application_express", product_id: "CSAFPID-266119", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express", product: { name: "application_express", product_id: "CSAFPID-1673510", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express:23.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express", product: { name: "application_express", product_id: "CSAFPID-1503575", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express", product: { name: "application_express", product_id: "CSAFPID-1673188", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-765238", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-765239", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "blockchain_platform", product: { name: "blockchain_platform", product_id: "CSAFPID-764779", product_identification_helper: { cpe: "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "blockchain_platform", product: { name: "blockchain_platform", product_id: "CSAFPID-89587", product_identification_helper: { cpe: "cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-765259", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:_security_and_provisioning___21.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-187448", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-94075", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-220886", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-611394", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-816317", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-912567", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-1503612", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-1673479", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_essbase", product: { name: "oracle_essbase", product_id: "CSAFPID-1650506", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_essbase:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data_and_application_adapters", product: { name: "goldengate_big_data_and_application_adapters", product_id: "CSAFPID-816845", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data_and_application_adapters", product: { name: "goldengate_big_data_and_application_adapters", product_id: "CSAFPID-1650825", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data_and_application_adapters", product: { name: "goldengate_big_data_and_application_adapters", product_id: "CSAFPID-1673404", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data_and_application_adapters", product: { name: "goldengate_big_data_and_application_adapters", product_id: "CSAFPID-1650831", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3-21.14.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data", product: { name: "goldengate_big_data", product_id: "CSAFPID-764274", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_stream_analytics", product: { name: "goldengate_stream_analytics", product_id: "CSAFPID-764752", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_stream_analytics", product: { name: "goldengate_stream_analytics", product_id: "CSAFPID-1673384", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_stream_analytics", product: { name: "goldengate_stream_analytics", product_id: "CSAFPID-220192", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_stream_analytics", product: { name: "goldengate_stream_analytics", product_id: "CSAFPID-220193", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.7:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_studio", product: { name: "goldengate_studio", product_id: "CSAFPID-816846", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_studio", product: { name: "goldengate_studio", product_id: "CSAFPID-611390", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_studio", product: { name: "goldengate_studio", product_id: "CSAFPID-764803", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_veridata", product: { name: "goldengate_veridata", product_id: "CSAFPID-764275", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-342816", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1650767", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.23.0.0.240716:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-485902", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:19.1.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1503736", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:19.23.0.0.240716:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-219912", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1503739", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:21.14:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1650765", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:21.3-21.14:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1503738", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:21.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_goldengate_stream_analytics", product: { name: "oracle_goldengate_stream_analytics", product_id: "CSAFPID-1650515", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_goldengate_stream_analytics:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "management_pack_for__goldengate", product: { name: "management_pack_for__goldengate", product_id: "CSAFPID-764861", product_identification_helper: { cpe: "cpe:2.3:a:oracle:management_pack_for__goldengate:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "management_pack_for__goldengate", product: { name: "management_pack_for__goldengate", product_id: "CSAFPID-1503640", product_identification_helper: { cpe: "cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_goldengate_studio", product: { name: "oracle_goldengate_studio", product_id: "CSAFPID-1650835", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_goldengate_studio:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_goldengate", product: { name: "oracle_goldengate", product_id: "CSAFPID-1650575", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_goldengate:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764813", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1503661", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1503663", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673497", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764764", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764765", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673491", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:20.3.40:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764766", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673495", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:21.2.71:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764767", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673493", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:22.3.45:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673489", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:23.3.33:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673488", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:24.1.17:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650757", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_19.5.42:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650758", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_20.3.40:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650761", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_21.2.27:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650760", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_22.3.46:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650759", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_23.3.32:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_nosql_database", product: { name: "oracle_nosql_database", product_id: "CSAFPID-1650584", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_nosql_database:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_secure_backup", product: { name: "oracle_secure_backup", product_id: "CSAFPID-1650563", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_secure_backup:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "secure_backup", product: { name: "secure_backup", product_id: "CSAFPID-667692", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "secure_backup", product: { name: "secure_backup", product_id: "CSAFPID-345049", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "secure_backup", product: { name: "secure_backup", product_id: "CSAFPID-611417", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "secure_backup", product: { name: "secure_backup", product_id: "CSAFPID-1673422", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_sql_developer", product: { name: "oracle_sql_developer", product_id: "CSAFPID-1650638", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_sql_developer:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-764822", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-220643", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-816870", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-816871", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-1673397", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "oracle", }, { branches: [ { category: "product_name", name: "oracle_application_express", product: { name: "oracle_application_express", product_id: "CSAFPID-1673144", product_identification_helper: { cpe: "cpe:2.3:a:oracle_corporation:oracle_application_express:24.1:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "oracle_corporation", }, ], }, vulnerabilities: [ { cve: "CVE-2022-1471", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-220886", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764822", "CSAFPID-1650515", "CSAFPID-1650638", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-89587", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", ], }, references: [ { category: "self", summary: "CVE-2022-1471", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-1471.json", }, ], title: "CVE-2022-1471", }, { cve: "CVE-2022-34169", cwe: { id: "CWE-192", name: "Integer Coercion Error", }, notes: [ { category: "other", text: "Integer Coercion Error", title: "CWE-192", }, { category: "other", text: "Incorrect Conversion between Numeric Types", title: "CWE-681", }, ], product_status: { known_affected: [ "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-342816", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-764861", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-219912", "CSAFPID-765238", "CSAFPID-765239", "CSAFPID-765259", "CSAFPID-667692", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2022-34169", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34169.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-342816", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-764861", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-219912", "CSAFPID-765238", "CSAFPID-765239", "CSAFPID-765259", "CSAFPID-667692", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2022-34169", }, { cve: "CVE-2022-36033", cwe: { id: "CWE-87", name: "Improper Neutralization of Alternate XSS Syntax", }, notes: [ { category: "other", text: "Improper Neutralization of Alternate XSS Syntax", title: "CWE-87", }, { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-220886", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764861", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-219912", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-667692", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-1503575", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2022-36033", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36033.json", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-220886", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764861", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-219912", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-667692", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-1503575", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2022-36033", }, { cve: "CVE-2022-37454", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "other", text: "Integer Overflow to Buffer Overflow", title: "CWE-680", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-1650563", "CSAFPID-89587", "CSAFPID-764861", ], }, references: [ { category: "self", summary: "CVE-2022-37454", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-37454.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-1650563", "CSAFPID-89587", "CSAFPID-764861", ], }, ], title: "CVE-2022-37454", }, { cve: "CVE-2022-38136", product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2022-38136", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38136.json", }, ], title: "CVE-2022-38136", }, { cve: "CVE-2022-40196", product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2022-40196", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40196.json", }, ], title: "CVE-2022-40196", }, { cve: "CVE-2022-41342", product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2022-41342", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41342.json", }, ], title: "CVE-2022-41342", }, { cve: "CVE-2022-42919", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "other", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, { category: "other", text: "Improper Privilege Management", title: "CWE-269", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2022-42919", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42919.json", }, ], title: "CVE-2022-42919", }, { cve: "CVE-2022-45061", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Inefficient Algorithmic Complexity", title: "CWE-407", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2022-45061", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45061.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587", ], }, ], title: "CVE-2022-45061", }, { cve: "CVE-2022-46337", product_status: { known_affected: [ "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", ], }, references: [ { category: "self", summary: "CVE-2022-46337", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-46337.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", ], }, ], title: "CVE-2022-46337", }, { cve: "CVE-2023-2976", cwe: { id: "CWE-552", name: "Files or Directories Accessible to External Parties", }, notes: [ { category: "other", text: "Files or Directories Accessible to External Parties", title: "CWE-552", }, ], product_status: { known_affected: [ "CSAFPID-1650584", "CSAFPID-1650835", "CSAFPID-1650506", "CSAFPID-1650515", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-89587", "CSAFPID-1673397", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-345049", "CSAFPID-816801", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764250", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-2976", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1650584", "CSAFPID-1650835", "CSAFPID-1650506", "CSAFPID-1650515", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-89587", "CSAFPID-1673397", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-345049", "CSAFPID-816801", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764250", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-2976", }, { cve: "CVE-2023-4043", cwe: { id: "CWE-834", name: "Excessive Iteration", }, notes: [ { category: "other", text: "Excessive Iteration", title: "CWE-834", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1673405", "CSAFPID-1673397", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-4043", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673405", "CSAFPID-1673397", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-4043", }, { cve: "CVE-2023-4759", cwe: { id: "CWE-59", name: "Improper Link Resolution Before File Access ('Link Following')", }, notes: [ { category: "other", text: "Improper Link Resolution Before File Access ('Link Following')", title: "CWE-59", }, { category: "other", text: "Improper Handling of Case Sensitivity", title: "CWE-178", }, ], product_status: { known_affected: [ "CSAFPID-1673397", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-4759", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673397", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-4759", }, { cve: "CVE-2023-4863", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", ], }, references: [ { category: "self", summary: "CVE-2023-4863", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4863.json", }, ], title: "CVE-2023-4863", }, { cve: "CVE-2023-5072", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1650575", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-5072", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5072.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1650575", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-5072", }, { cve: "CVE-2023-26031", cwe: { id: "CWE-426", name: "Untrusted Search Path", }, notes: [ { category: "other", text: "Untrusted Search Path", title: "CWE-426", }, ], product_status: { known_affected: [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-26031", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-26031", }, { cve: "CVE-2023-26551", product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26551", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26551.json", }, ], scores: [ { cvss_v3: { baseScore: 0, baseSeverity: "NONE", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26551", }, { cve: "CVE-2023-26552", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26552", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26552.json", }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26552", }, { cve: "CVE-2023-26553", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26553", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26553.json", }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26553", }, { cve: "CVE-2023-26554", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26554", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26554.json", }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26554", }, { cve: "CVE-2023-26555", product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26555", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26555.json", }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26555", }, { cve: "CVE-2023-28484", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-816317", "CSAFPID-764813", "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, references: [ { category: "self", summary: "CVE-2023-28484", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28484.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-764250", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-816317", "CSAFPID-764813", "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, ], title: "CVE-2023-28484", }, { cve: "CVE-2023-29469", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Double Free", title: "CWE-415", }, ], product_status: { known_affected: [ "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-816317", "CSAFPID-89587", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764250", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, references: [ { category: "self", summary: "CVE-2023-29469", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29469.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-816317", "CSAFPID-89587", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764250", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, ], title: "CVE-2023-29469", }, { cve: "CVE-2023-33201", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-1650584", "CSAFPID-1673397", "CSAFPID-912561", "CSAFPID-345049", "CSAFPID-611390", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-33201", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33201.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-1650584", "CSAFPID-1673397", "CSAFPID-912561", "CSAFPID-345049", "CSAFPID-611390", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-33201", }, { cve: "CVE-2023-37920", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "other", text: "Improper Certificate Validation", title: "CWE-295", }, { category: "other", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", ], }, references: [ { category: "self", summary: "CVE-2023-37920", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", ], }, ], title: "CVE-2023-37920", }, { cve: "CVE-2023-39410", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1673404", "CSAFPID-1673384", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, references: [ { category: "self", summary: "CVE-2023-39410", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673404", "CSAFPID-1673384", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, ], title: "CVE-2023-39410", }, { cve: "CVE-2023-44487", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503603", "CSAFPID-1503575", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-44487", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503603", "CSAFPID-1503575", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-44487", }, { cve: "CVE-2023-44981", cwe: { id: "CWE-639", name: "Authorization Bypass Through User-Controlled Key", }, notes: [ { category: "other", text: "Authorization Bypass Through User-Controlled Key", title: "CWE-639", }, ], product_status: { known_affected: [ "CSAFPID-1650515", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", ], }, references: [ { category: "self", summary: "CVE-2023-44981", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44981.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1650515", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", ], }, ], title: "CVE-2023-44981", }, { cve: "CVE-2023-45288", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-45288", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45288.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-45288", }, { cve: "CVE-2023-48795", cwe: { id: "CWE-222", name: "Truncation of Security-relevant Information", }, notes: [ { category: "other", text: "Truncation of Security-relevant Information", title: "CWE-222", }, ], product_status: { known_affected: [ "CSAFPID-1650765", "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650767", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-48795", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1650765", "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650767", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-48795", }, { cve: "CVE-2023-49083", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-49083", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49083.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-49083", }, { cve: "CVE-2023-51384", cwe: { id: "CWE-304", name: "Missing Critical Step in Authentication", }, notes: [ { category: "other", text: "Missing Critical Step in Authentication", title: "CWE-304", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-51384", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51384.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-51384", }, { cve: "CVE-2023-51385", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-51385", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51385.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-51385", }, { cve: "CVE-2023-52425", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-52425", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-52425", }, { cve: "CVE-2023-52426", cwe: { id: "CWE-776", name: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", }, notes: [ { category: "other", text: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", title: "CWE-776", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-52426", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52426.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-52426", }, { cve: "CVE-2024-1874", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-1874", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1874.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-1874", }, { cve: "CVE-2024-2408", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "other", text: "Observable Discrepancy", title: "CWE-203", }, { category: "other", text: "Observable Timing Discrepancy", title: "CWE-208", }, { category: "other", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, { category: "other", text: "Covert Timing Channel", title: "CWE-385", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-2408", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2408.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-2408", }, { cve: "CVE-2024-2511", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improperly Controlled Sequential Memory Allocation", title: "CWE-1325", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-2511", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-2511", }, { cve: "CVE-2024-4577", cwe: { id: "CWE-88", name: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", title: "CWE-88", }, { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-4577", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-4577", }, { cve: "CVE-2024-4603", cwe: { id: "CWE-606", name: "Unchecked Input for Loop Condition", }, notes: [ { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-4603", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-4603", }, { cve: "CVE-2024-4741", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-4741", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-4741", }, { cve: "CVE-2024-5458", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-5458", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5458.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-5458", }, { cve: "CVE-2024-5535", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, ], product_status: { known_affected: [ "CSAFPID-1673508", "CSAFPID-1673525", ], }, references: [ { category: "self", summary: "CVE-2024-5535", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673508", "CSAFPID-1673525", ], }, ], title: "CVE-2024-5535", }, { cve: "CVE-2024-5585", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, notes: [ { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "other", text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", title: "CWE-88", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-5585", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-5585", }, { cve: "CVE-2024-6119", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "other", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, ], product_status: { known_affected: [ "CSAFPID-1673508", "CSAFPID-1673525", ], }, references: [ { category: "self", summary: "CVE-2024-6119", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673508", "CSAFPID-1673525", ], }, ], title: "CVE-2024-6119", }, { cve: "CVE-2024-6232", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "other", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, ], references: [ { category: "self", summary: "CVE-2024-6232", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json", }, ], title: "CVE-2024-6232", }, { cve: "CVE-2024-7264", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1673529", "CSAFPID-1673479", "CSAFPID-1673511", "CSAFPID-1673512", ], }, references: [ { category: "self", summary: "CVE-2024-7264", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673529", "CSAFPID-1673479", "CSAFPID-1673511", "CSAFPID-1673512", ], }, ], title: "CVE-2024-7264", }, { cve: "CVE-2024-7592", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], references: [ { category: "self", summary: "CVE-2024-7592", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json", }, ], title: "CVE-2024-7592", }, { cve: "CVE-2024-21131", product_status: { known_affected: [ "CSAFPID-1503299", "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21131", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21131.json", }, ], title: "CVE-2024-21131", }, { cve: "CVE-2024-21138", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "other", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, ], product_status: { known_affected: [ "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21138", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21138.json", }, ], title: "CVE-2024-21138", }, { cve: "CVE-2024-21140", product_status: { known_affected: [ "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503299", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21140", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21140.json", }, ], title: "CVE-2024-21140", }, { cve: "CVE-2024-21144", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21144", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21144.json", }, ], title: "CVE-2024-21144", }, { cve: "CVE-2024-21145", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1503299", "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21145", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21145.json", }, ], title: "CVE-2024-21145", }, { cve: "CVE-2024-21147", product_status: { known_affected: [ "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503299", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21147", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21147.json", }, ], title: "CVE-2024-21147", }, { cve: "CVE-2024-21233", product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-21233", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21233.json", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-21233", }, { cve: "CVE-2024-21242", product_status: { known_affected: [ "CSAFPID-1673443", "CSAFPID-1673444", "CSAFPID-1673445", ], }, references: [ { category: "self", summary: "CVE-2024-21242", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21242.json", }, ], scores: [ { cvss_v3: { baseScore: 3.5, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-1673443", "CSAFPID-1673444", "CSAFPID-1673445", ], }, ], title: "CVE-2024-21242", }, { cve: "CVE-2024-21251", product_status: { known_affected: [ "CSAFPID-1673450", "CSAFPID-1673451", "CSAFPID-1673452", ], }, references: [ { category: "self", summary: "CVE-2024-21251", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21251.json", }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673450", "CSAFPID-1673451", "CSAFPID-1673452", ], }, ], title: "CVE-2024-21251", }, { cve: "CVE-2024-21261", product_status: { known_affected: [ "CSAFPID-1673144", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-21261", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21261.json", }, ], scores: [ { cvss_v3: { baseScore: 4.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673144", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-21261", }, { cve: "CVE-2024-22018", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-22018", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22018.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-22018", }, { cve: "CVE-2024-22020", product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-22020", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-22020", }, { cve: "CVE-2024-22201", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673384", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-22201", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673384", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-22201", }, { cve: "CVE-2024-23807", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1650831", "CSAFPID-1650825", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-23807", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1650831", "CSAFPID-1650825", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-23807", }, { cve: "CVE-2024-23944", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-23944", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23944.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-23944", }, { cve: "CVE-2024-24989", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-24989", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24989.json", }, ], title: "CVE-2024-24989", }, { cve: "CVE-2024-24990", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-24990", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24990.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-24990", }, { cve: "CVE-2024-25710", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "other", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-912046", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-25710", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-912046", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-25710", }, { cve: "CVE-2024-26130", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-26130", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-26130", }, { cve: "CVE-2024-26308", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-26308", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-26308", }, { cve: "CVE-2024-27983", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-27983", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27983.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-27983", }, { cve: "CVE-2024-28182", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Detection of Error Condition Without Action", title: "CWE-390", }, { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1673442", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-28182", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673442", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-28182", }, { cve: "CVE-2024-28849", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-28849", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-28849", }, { cve: "CVE-2024-28887", cwe: { id: "CWE-427", name: "Uncontrolled Search Path Element", }, notes: [ { category: "other", text: "Uncontrolled Search Path Element", title: "CWE-427", }, ], product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-28887", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28887.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-28887", }, { cve: "CVE-2024-29025", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1673488", "CSAFPID-1673489", "CSAFPID-1673491", "CSAFPID-1673492", "CSAFPID-1673493", "CSAFPID-1673495", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-29025", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1673488", "CSAFPID-1673489", "CSAFPID-1673491", "CSAFPID-1673492", "CSAFPID-1673493", "CSAFPID-1673495", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-29025", }, { cve: "CVE-2024-29131", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-29131", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-29131", }, { cve: "CVE-2024-29133", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-29133", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-29133", }, { cve: "CVE-2024-31079", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Stack-based Buffer Overflow", title: "CWE-121", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-31079", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31079.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-31079", }, { cve: "CVE-2024-32760", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-32760", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-32760", }, { cve: "CVE-2024-34161", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "other", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-34161", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34161.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-34161", }, { cve: "CVE-2024-34750", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, notes: [ { category: "other", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673504", "CSAFPID-1673506", ], }, references: [ { category: "self", summary: "CVE-2024-34750", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673504", "CSAFPID-1673506", ], }, ], title: "CVE-2024-34750", }, { cve: "CVE-2024-35200", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-35200", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35200.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-35200", }, { cve: "CVE-2024-36137", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, { category: "other", text: "Incorrect Permission Assignment for Critical Resource", title: "CWE-732", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-36137", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36137.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-36137", }, { cve: "CVE-2024-36138", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-36138", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36138.json", }, ], title: "CVE-2024-36138", }, { cve: "CVE-2024-36387", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-36387", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36387.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-36387", }, { cve: "CVE-2024-37370", cwe: { id: "CWE-130", name: "Improper Handling of Length Parameter Inconsistency", }, notes: [ { category: "other", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, ], product_status: { known_affected: [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509", ], }, references: [ { category: "self", summary: "CVE-2024-37370", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37370.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509", ], }, ], title: "CVE-2024-37370", }, { cve: "CVE-2024-37371", cwe: { id: "CWE-130", name: "Improper Handling of Length Parameter Inconsistency", }, notes: [ { category: "other", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, ], product_status: { known_affected: [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509", ], }, references: [ { category: "self", summary: "CVE-2024-37371", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509", ], }, ], title: "CVE-2024-37371", }, { cve: "CVE-2024-37372", product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-37372", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37372.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-37372", }, { cve: "CVE-2024-38356", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-38356", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38356.json", }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-38356", }, { cve: "CVE-2024-38357", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-38357", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38357.json", }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-38357", }, { cve: "CVE-2024-38472", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38472", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38472.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38472", }, { cve: "CVE-2024-38473", cwe: { id: "CWE-172", name: "Encoding Error", }, notes: [ { category: "other", text: "Encoding Error", title: "CWE-172", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38473", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38473.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38473", }, { cve: "CVE-2024-38474", cwe: { id: "CWE-172", name: "Encoding Error", }, notes: [ { category: "other", text: "Encoding Error", title: "CWE-172", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38474", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38474.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38474", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38475", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38475", }, { cve: "CVE-2024-38476", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Inclusion of Functionality from Untrusted Control Sphere", title: "CWE-829", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38476", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38476", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38477", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38477.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38477", }, { cve: "CVE-2024-38998", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, notes: [ { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-38998", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-38998", }, { cve: "CVE-2024-38999", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, notes: [ { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-38999", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json", }, ], scores: [ { cvss_v3: { baseScore: 10, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-38999", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-39573", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39573.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-39573", }, { cve: "CVE-2024-39884", cwe: { id: "CWE-18", name: "-", }, notes: [ { category: "other", text: "CWE-18", title: "CWE-18", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-39884", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39884.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-39884", }, { cve: "CVE-2024-40725", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Exposure of Resource to Wrong Sphere", title: "CWE-668", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", ], }, references: [ { category: "self", summary: "CVE-2024-40725", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40725.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", ], }, ], title: "CVE-2024-40725", }, { cve: "CVE-2024-40898", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", ], }, references: [ { category: "self", summary: "CVE-2024-40898", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", ], }, ], title: "CVE-2024-40898", }, { cve: "CVE-2024-45490", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "other", text: "Incorrect Calculation of Buffer Size", title: "CWE-131", }, ], product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-45490", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-45490", }, { cve: "CVE-2024-45491", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-45491", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-45491", }, { cve: "CVE-2024-45492", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-45492", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-45492", }, { cve: "CVE-2024-45801", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "other", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-45801", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-45801", }, ], }
rhsa-2024_4726
Vulnerability from csaf_redhat
Published
2024-07-23 13:24
Modified
2024-12-17 09:15
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: null pointer dereference in mod_proxy (CVE-2024-38477)
* httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
* httpd: Encoding problem in mod_proxy (CVE-2024-38473)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for httpd is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: null pointer dereference in mod_proxy (CVE-2024-38477)\n\n* httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)\n\n* httpd: Encoding problem in mod_proxy (CVE-2024-38473)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4726", url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4726.json", }, ], title: "Red Hat Security Advisory: httpd security update", tracking: { current_release_date: "2024-12-17T09:15:21+00:00", generator: { date: "2024-12-17T09:15:21+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:4726", initial_release_date: "2024-07-23T13:24:43+00:00", revision_history: [ { date: "2024-07-23T13:24:43+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-23T13:24:43+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T09:15:21+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 9)", product: { name: "Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:9::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.57-11.el9_4.src", product: { name: "httpd-0:2.4.57-11.el9_4.src", product_id: "httpd-0:2.4.57-11.el9_4.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-core-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-core-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-devel-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-devel-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-tools-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-tools-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.57-11.el9_4.aarch64", product: { name: "mod_ldap-0:2.4.57-11.el9_4.aarch64", product_id: "mod_ldap-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.57-11.el9_4.aarch64", product: { name: "mod_lua-0:2.4.57-11.el9_4.aarch64", product_id: "mod_lua-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.57-11.el9_4.aarch64", product: { name: "mod_proxy_html-1:2.4.57-11.el9_4.aarch64", product_id: "mod_proxy_html-1:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.57-11.el9_4?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.57-11.el9_4.aarch64", product: { name: "mod_session-0:2.4.57-11.el9_4.aarch64", product_id: "mod_session-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.57-11.el9_4.aarch64", product: { name: "mod_ssl-1:2.4.57-11.el9_4.aarch64", product_id: "mod_ssl-1:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.57-11.el9_4?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-debugsource-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-debugsource-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", product: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", product_id: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", product: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", product_id: "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", product: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", product_id: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.57-11.el9_4?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", product: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", product_id: "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", product: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", product_id: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.57-11.el9_4?arch=aarch64&epoch=1", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-core-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-core-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-devel-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-devel-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-tools-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-tools-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.57-11.el9_4.ppc64le", product: { name: "mod_ldap-0:2.4.57-11.el9_4.ppc64le", product_id: "mod_ldap-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.57-11.el9_4.ppc64le", product: { name: "mod_lua-0:2.4.57-11.el9_4.ppc64le", product_id: "mod_lua-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", product: { name: "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", product_id: "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.57-11.el9_4?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.57-11.el9_4.ppc64le", product: { name: "mod_session-0:2.4.57-11.el9_4.ppc64le", product_id: "mod_session-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.57-11.el9_4.ppc64le", product: { name: "mod_ssl-1:2.4.57-11.el9_4.ppc64le", product_id: "mod_ssl-1:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.57-11.el9_4?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", product: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_id: "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.57-11.el9_4?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_id: "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.57-11.el9_4?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-core-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-core-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-devel-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-devel-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-tools-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-tools-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.57-11.el9_4.x86_64", product: { name: "mod_ldap-0:2.4.57-11.el9_4.x86_64", product_id: "mod_ldap-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.57-11.el9_4.x86_64", product: { name: "mod_lua-0:2.4.57-11.el9_4.x86_64", product_id: "mod_lua-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.57-11.el9_4.x86_64", product: { name: "mod_proxy_html-1:2.4.57-11.el9_4.x86_64", product_id: "mod_proxy_html-1:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.57-11.el9_4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.57-11.el9_4.x86_64", product: { name: "mod_session-0:2.4.57-11.el9_4.x86_64", product_id: "mod_session-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.57-11.el9_4.x86_64", product: { name: "mod_ssl-1:2.4.57-11.el9_4.x86_64", product_id: "mod_ssl-1:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.57-11.el9_4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-debugsource-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-debugsource-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", product: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", product_id: "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.57-11.el9_4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", product: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", product_id: "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.57-11.el9_4?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-0:2.4.57-11.el9_4.s390x", product_id: "httpd-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-core-0:2.4.57-11.el9_4.s390x", product_id: "httpd-core-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-devel-0:2.4.57-11.el9_4.s390x", product_id: "httpd-devel-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-tools-0:2.4.57-11.el9_4.s390x", product_id: "httpd-tools-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.57-11.el9_4.s390x", product: { name: "mod_ldap-0:2.4.57-11.el9_4.s390x", product_id: "mod_ldap-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.57-11.el9_4.s390x", product: { name: "mod_lua-0:2.4.57-11.el9_4.s390x", product_id: "mod_lua-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.57-11.el9_4.s390x", product: { name: "mod_proxy_html-1:2.4.57-11.el9_4.s390x", product_id: "mod_proxy_html-1:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.57-11.el9_4?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.57-11.el9_4.s390x", product: { name: "mod_session-0:2.4.57-11.el9_4.s390x", product_id: "mod_session-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.57-11.el9_4.s390x", product: { name: "mod_ssl-1:2.4.57-11.el9_4.s390x", product_id: "mod_ssl-1:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.57-11.el9_4?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-debugsource-0:2.4.57-11.el9_4.s390x", product_id: "httpd-debugsource-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", product_id: "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.s390x", product_id: "httpd-debuginfo-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", product_id: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", product: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", product_id: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", product: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", product_id: "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", product: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", product_id: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.57-11.el9_4?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", product: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", product_id: "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", product: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", product_id: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.57-11.el9_4?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-filesystem-0:2.4.57-11.el9_4.noarch", product: { name: "httpd-filesystem-0:2.4.57-11.el9_4.noarch", product_id: "httpd-filesystem-0:2.4.57-11.el9_4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.57-11.el9_4?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.57-11.el9_4.noarch", product: { name: "httpd-manual-0:2.4.57-11.el9_4.noarch", product_id: "httpd-manual-0:2.4.57-11.el9_4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.57-11.el9_4?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.57-11.el9_4.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", }, product_reference: "httpd-0:2.4.57-11.el9_4.src", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-core-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-core-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-core-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-core-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-debuginfo-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-debugsource-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-debugsource-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-debugsource-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-devel-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-devel-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-devel-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-devel-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.57-11.el9_4.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", }, product_reference: "httpd-filesystem-0:2.4.57-11.el9_4.noarch", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.57-11.el9_4.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", }, product_reference: "httpd-manual-0:2.4.57-11.el9_4.noarch", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-tools-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-tools-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-tools-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-tools-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_ldap-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_ldap-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", }, product_reference: "mod_ldap-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_ldap-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", }, product_reference: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_lua-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_lua-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", }, product_reference: "mod_lua-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_lua-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", }, product_reference: "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_proxy_html-1:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", }, product_reference: "mod_proxy_html-1:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_proxy_html-1:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_session-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_session-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", }, product_reference: "mod_session-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_session-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", }, product_reference: "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_ssl-1:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_ssl-1:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", }, product_reference: "mod_ssl-1:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_ssl-1:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", }, product_reference: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38473", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:36+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295012", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. Due to an encoding problem, specially crafted request URLs with incorrect encoding can be sent to backend services, potentially bypassing authentication.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Encoding problem in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations where mechanisms other than ProxyPass/ProxyPassMatch or RewriteRule with the 'P' flag are used to configure a request to be proxied, such as SetHandler or inadvertent proxying via CVE-2024-39573. Note that these alternate mechanisms may be used within .htaccess files.\n\nFor more information about CVE-2024-39573, see https://access.redhat.com/security/cve/CVE-2024-39573.\n\nAdditionally, this flaw requires mod_proxy to be loaded and being used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38473", }, { category: "external", summary: "RHBZ#2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38473", url: "https://www.cve.org/CVERecord?id=CVE-2024-38473", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T13:24:43+00:00", details: "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Encoding problem in mod_proxy", }, { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T13:24:43+00:00", details: "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T13:24:43+00:00", details: "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T13:24:43+00:00", details: "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-07-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295022", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the mod_proxy module.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Potential SSRF in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive.\n\nAdditionally, this flaw requires mod_rewrite and mod_proxy to be loaded and being used. These modules can be disabled via the configuration file if their functionality are not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39573", }, { category: "external", summary: "RHBZ#2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39573", url: "https://www.cve.org/CVERecord?id=CVE-2024-39573", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T13:24:43+00:00", details: "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Potential SSRF in mod_rewrite", }, ], }
rhsa-2024_4943
Vulnerability from csaf_redhat
Published
2024-07-31 14:59
Modified
2024-12-17 09:16
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for httpd is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4943", url: "https://access.redhat.com/errata/RHSA-2024:4943", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4943.json", }, ], title: "Red Hat Security Advisory: httpd security update", tracking: { current_release_date: "2024-12-17T09:16:53+00:00", generator: { date: "2024-12-17T09:16:53+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:4943", initial_release_date: "2024-07-31T14:59:20+00:00", revision_history: [ { date: "2024-07-31T14:59:20+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-31T14:59:20+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T09:16:53+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7 ELS)", product: { name: "Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_els:7", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_els:7", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-99.el7_9.2.src", product: { name: "httpd-0:2.4.6-99.el7_9.2.src", product_id: "httpd-0:2.4.6-99.el7_9.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-99.el7_9.2?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-99.el7_9.2.x86_64", product: { name: "httpd-0:2.4.6-99.el7_9.2.x86_64", product_id: "httpd-0:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-99.el7_9.2?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64", product: { name: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64", product_id: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.6-99.el7_9.2?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64", product: { name: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64", product_id: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.6-99.el7_9.2?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-0:2.4.6-99.el7_9.2.x86_64", product: { name: "mod_session-0:2.4.6-99.el7_9.2.x86_64", product_id: "mod_session-0:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.6-99.el7_9.2?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64", product: { name: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64", product_id: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.6-99.el7_9.2?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", product: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", product_id: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.6-99.el7_9.2?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64", product: { name: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64", product_id: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.6-99.el7_9.2?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", product: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", product_id: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.6-99.el7_9.2?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-99.el7_9.2.ppc64le", product: { name: "httpd-0:2.4.6-99.el7_9.2.ppc64le", product_id: "httpd-0:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-99.el7_9.2?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", product: { name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", product_id: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.6-99.el7_9.2?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", product: { name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", product_id: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.6-99.el7_9.2?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_session-0:2.4.6-99.el7_9.2.ppc64le", product: { name: "mod_session-0:2.4.6-99.el7_9.2.ppc64le", product_id: "mod_session-0:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.6-99.el7_9.2?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", product: { name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", product_id: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.6-99.el7_9.2?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", product: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", product_id: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.6-99.el7_9.2?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", product: { name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", product_id: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.6-99.el7_9.2?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", product: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", product_id: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.6-99.el7_9.2?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-99.el7_9.2.ppc64", product: { name: "httpd-0:2.4.6-99.el7_9.2.ppc64", product_id: "httpd-0:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-99.el7_9.2?arch=ppc64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64", product: { name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64", product_id: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.6-99.el7_9.2?arch=ppc64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64", product: { name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64", product_id: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.6-99.el7_9.2?arch=ppc64", }, }, }, { category: "product_version", name: "mod_session-0:2.4.6-99.el7_9.2.ppc64", product: { name: "mod_session-0:2.4.6-99.el7_9.2.ppc64", product_id: "mod_session-0:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.6-99.el7_9.2?arch=ppc64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64", product: { name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64", product_id: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.6-99.el7_9.2?arch=ppc64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", product: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", product_id: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.6-99.el7_9.2?arch=ppc64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64", product: { name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64", product_id: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.6-99.el7_9.2?arch=ppc64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", product: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", product_id: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.6-99.el7_9.2?arch=ppc64&epoch=1", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-99.el7_9.2.s390x", product: { name: "httpd-0:2.4.6-99.el7_9.2.s390x", product_id: "httpd-0:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-99.el7_9.2?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.6-99.el7_9.2.s390x", product: { name: "httpd-devel-0:2.4.6-99.el7_9.2.s390x", product_id: "httpd-devel-0:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.6-99.el7_9.2?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.6-99.el7_9.2.s390x", product: { name: "httpd-tools-0:2.4.6-99.el7_9.2.s390x", product_id: "httpd-tools-0:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.6-99.el7_9.2?arch=s390x", }, }, }, { category: "product_version", name: "mod_session-0:2.4.6-99.el7_9.2.s390x", product: { name: "mod_session-0:2.4.6-99.el7_9.2.s390x", product_id: "mod_session-0:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.6-99.el7_9.2?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.6-99.el7_9.2.s390x", product: { name: "mod_ssl-1:2.4.6-99.el7_9.2.s390x", product_id: "mod_ssl-1:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.6-99.el7_9.2?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", product: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", product_id: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.6-99.el7_9.2?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.6-99.el7_9.2.s390x", product: { name: "mod_ldap-0:2.4.6-99.el7_9.2.s390x", product_id: "mod_ldap-0:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.6-99.el7_9.2?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", product: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", product_id: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.6-99.el7_9.2?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-manual-0:2.4.6-99.el7_9.2.noarch", product: { name: "httpd-manual-0:2.4.6-99.el7_9.2.noarch", product_id: "httpd-manual-0:2.4.6-99.el7_9.2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.6-99.el7_9.2?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.src as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.src", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.6-99.el7_9.2.noarch as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", }, product_reference: "httpd-manual-0:2.4.6-99.el7_9.2.noarch", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.src as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.src", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.6-99.el7_9.2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", }, product_reference: "httpd-manual-0:2.4.6-99.el7_9.2.noarch", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-31T14:59:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4943", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-31T14:59:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4943", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-31T14:59:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4943", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
rhsa-2024_4719
Vulnerability from csaf_redhat
Published
2024-07-23 08:59
Modified
2024-12-17 09:15
Summary
Red Hat Security Advisory: httpd:2.4 security update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4719", url: "https://access.redhat.com/errata/RHSA-2024:4719", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4719.json", }, ], title: "Red Hat Security Advisory: httpd:2.4 security update", tracking: { current_release_date: "2024-12-17T09:15:32+00:00", generator: { date: "2024-12-17T09:15:32+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:4719", initial_release_date: "2024-07-23T08:59:27+00:00", revision_history: [ { date: "2024-07-23T08:59:27+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-23T08:59:27+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T09:15:32+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream EUS (v.8.8)", product: { name: "Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_eus:8.8::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd:2.4:8080020240717184413:63b34585", product: { name: "httpd:2.4:8080020240717184413:63b34585", product_id: "httpd:2.4:8080020240717184413:63b34585", product_identification_helper: { purl: "pkg:rpmmod/redhat/httpd@2.4:8080020240717184413:63b34585", }, }, }, { category: "product_version", name: "httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", product: { name: "httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", product_id: "httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", product: { name: "httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", product_id: "httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", product: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", product_id: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=src", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", product: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", product_id: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=src", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product_id: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product_id: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product_id: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product_id: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product_id: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product_id: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product_id: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product_id: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product_id: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product_id: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product_id: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product_id: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64&epoch=1", }, }, }, ], category: "architecture", name: "aarch64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, product_reference: "httpd:2.4:8080020240717184413:63b34585", relates_to_product_reference: "AppStream-8.8.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", }, product_reference: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", }, product_reference: "httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", }, product_reference: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", }, product_reference: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", }, product_reference: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", }, product_reference: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", }, product_reference: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", }, product_reference: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", }, product_reference: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", }, product_reference: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", }, product_reference: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", }, product_reference: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:59:27+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4719", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:59:27+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4719", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:59:27+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4719", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
rhsa-2024:4863
Vulnerability from csaf_redhat
Published
2024-07-25 08:34
Modified
2025-01-09 06:23
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for httpd is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4863", url: "https://access.redhat.com/errata/RHSA-2024:4863", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4863.json", }, ], title: "Red Hat Security Advisory: httpd security update", tracking: { current_release_date: "2025-01-09T06:23:06+00:00", generator: { date: "2025-01-09T06:23:06+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2024:4863", initial_release_date: "2024-07-25T08:34:04+00:00", revision_history: [ { date: "2024-07-25T08:34:04+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-25T08:34:04+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T06:23:06+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream E4S (v.9.0)", product: { name: "Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_e4s:9.0::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.51-7.el9_0.7.src", product: { name: "httpd-0:2.4.51-7.el9_0.7.src", product_id: "httpd-0:2.4.51-7.el9_0.7.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.51-7.el9_0.7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.51-7.el9_0.7.aarch64", product: { name: "httpd-0:2.4.51-7.el9_0.7.aarch64", product_id: "httpd-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.51-7.el9_0.7.aarch64", product: { name: "httpd-devel-0:2.4.51-7.el9_0.7.aarch64", product_id: "httpd-devel-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.51-7.el9_0.7.aarch64", product: { name: "httpd-tools-0:2.4.51-7.el9_0.7.aarch64", product_id: "httpd-tools-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_ldap-0:2.4.51-7.el9_0.7.aarch64", product_id: "mod_ldap-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_lua-0:2.4.51-7.el9_0.7.aarch64", product_id: "mod_lua-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", product_id: "mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.51-7.el9_0.7?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_session-0:2.4.51-7.el9_0.7.aarch64", product_id: "mod_session-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_ssl-1:2.4.51-7.el9_0.7.aarch64", product_id: "mod_ssl-1:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.51-7.el9_0.7?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", product: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", product_id: "httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_id: "httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_id: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_id: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_id: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", product_id: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.51-7.el9_0.7?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_id: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", product_id: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.51-7.el9_0.7?arch=aarch64&epoch=1", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "httpd-0:2.4.51-7.el9_0.7.ppc64le", product_id: "httpd-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", product_id: "httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", product_id: "httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_lua-0:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_lua-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.51-7.el9_0.7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_session-0:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_session-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.51-7.el9_0.7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", product_id: "httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_id: "httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.51-7.el9_0.7.x86_64", product: { name: "httpd-0:2.4.51-7.el9_0.7.x86_64", product_id: "httpd-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.51-7.el9_0.7.x86_64", product: { name: "httpd-devel-0:2.4.51-7.el9_0.7.x86_64", product_id: "httpd-devel-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.51-7.el9_0.7.x86_64", product: { name: "httpd-tools-0:2.4.51-7.el9_0.7.x86_64", product_id: "httpd-tools-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_ldap-0:2.4.51-7.el9_0.7.x86_64", product_id: "mod_ldap-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_lua-0:2.4.51-7.el9_0.7.x86_64", product_id: "mod_lua-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", product_id: "mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.51-7.el9_0.7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_session-0:2.4.51-7.el9_0.7.x86_64", product_id: "mod_session-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_ssl-1:2.4.51-7.el9_0.7.x86_64", product_id: "mod_ssl-1:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.51-7.el9_0.7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", product: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", product_id: "httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_id: "httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_id: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.51-7.el9_0.7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_id: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.51-7.el9_0.7?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.51-7.el9_0.7.s390x", product: { name: "httpd-0:2.4.51-7.el9_0.7.s390x", product_id: "httpd-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.51-7.el9_0.7.s390x", product: { name: "httpd-devel-0:2.4.51-7.el9_0.7.s390x", product_id: "httpd-devel-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.51-7.el9_0.7.s390x", product: { name: "httpd-tools-0:2.4.51-7.el9_0.7.s390x", product_id: "httpd-tools-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.51-7.el9_0.7.s390x", product: { name: "mod_ldap-0:2.4.51-7.el9_0.7.s390x", product_id: "mod_ldap-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.51-7.el9_0.7.s390x", product: { name: "mod_lua-0:2.4.51-7.el9_0.7.s390x", product_id: "mod_lua-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", product: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", product_id: "mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.51-7.el9_0.7?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.51-7.el9_0.7.s390x", product: { name: "mod_session-0:2.4.51-7.el9_0.7.s390x", product_id: "mod_session-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.51-7.el9_0.7.s390x", product: { name: "mod_ssl-1:2.4.51-7.el9_0.7.s390x", product_id: "mod_ssl-1:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.51-7.el9_0.7?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", product: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", product_id: "httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", product: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_id: "httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", product: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_id: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", product: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_id: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", product: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_id: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", product: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", product_id: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.51-7.el9_0.7?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", product: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_id: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", product: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", product_id: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.51-7.el9_0.7?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", product: { name: "httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", product_id: "httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.51-7.el9_0.7?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.51-7.el9_0.7.noarch", product: { name: "httpd-manual-0:2.4.51-7.el9_0.7.noarch", product_id: "httpd-manual-0:2.4.51-7.el9_0.7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.51-7.el9_0.7?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "httpd-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "httpd-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "httpd-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.51-7.el9_0.7.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", }, product_reference: "httpd-0:2.4.51-7.el9_0.7.src", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "httpd-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "httpd-devel-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "httpd-devel-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "httpd-devel-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.51-7.el9_0.7.noarch as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", }, product_reference: "httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.51-7.el9_0.7.noarch as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", }, product_reference: "httpd-manual-0:2.4.51-7.el9_0.7.noarch", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "httpd-tools-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "httpd-tools-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "httpd-tools-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_ldap-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_ldap-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_ldap-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_lua-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_lua-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_lua-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_lua-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_session-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_session-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_session-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_session-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_ssl-1:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_ssl-1:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_ssl-1:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-25T08:34:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4863", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-25T08:34:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4863", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-25T08:34:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4863", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
rhsa-2024_5239
Vulnerability from csaf_redhat
Published
2024-08-13 13:18
Modified
2024-12-17 09:15
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP5 security update
Notes
Topic
Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.
Security Fix(es):
* jbcs-httpd24-httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
* jbcs-httpd24-httpd: null pointer dereference in mod_proxy (CVE-2024-38477)
* jbcs-httpd24-httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* jbcs-httpd24-httpd: Encoding problem in mod_proxy (CVE-2024-38473)
* jbcs-httpd24-httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* jbcs-httpd24-httpd: Security issues via backend applications whose response headers are malicious or exploitable (CVE-2024-38476)
A Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.\n\nSecurity Fix(es):\n\n* jbcs-httpd24-httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)\n* jbcs-httpd24-httpd: null pointer dereference in mod_proxy (CVE-2024-38477)\n* jbcs-httpd24-httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n* jbcs-httpd24-httpd: Encoding problem in mod_proxy (CVE-2024-38473)\n* jbcs-httpd24-httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n* jbcs-httpd24-httpd: Security issues via backend applications whose response headers are malicious or exploitable (CVE-2024-38476)\n\nA Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:5239", url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.57/html/red_hat_jboss_core_services_apache_http_server_2.4.57_service_pack_5_release_notes/index", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.57/html/red_hat_jboss_core_services_apache_http_server_2.4.57_service_pack_5_release_notes/index", }, { category: "external", summary: "2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295015", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295015", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5239.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP5 security update", tracking: { current_release_date: "2024-12-17T09:15:21+00:00", generator: { date: "2024-12-17T09:15:21+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:5239", initial_release_date: "2024-08-13T13:18:01+00:00", revision_history: [ { date: "2024-08-13T13:18:01+00:00", number: "1", summary: "Initial version", }, { date: "2024-08-13T13:18:01+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T09:15:21+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Core Services on RHEL 7 Server", product: { name: "Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_core_services:1::el7", }, }, }, { category: "product_name", name: "Red Hat JBoss Core Services on RHEL 8", product: { name: "Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_core_services:1::el8", }, }, }, ], category: "product_family", name: "Red Hat JBoss Core Services", }, { branches: [ { category: "product_version", name: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", product: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", product_id: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-13.el7jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", product: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", product_id: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-41.el7jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", product: { name: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", product_id: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.49-11.redhat_1.el7jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", product: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", product_id: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-8.el7jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", product: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", product_id: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-40.el7jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", product: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", product_id: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-11.el7jbcs?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", product: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", product_id: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-13.el8jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", product: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", product_id: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-41.el8jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", product: { name: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", product_id: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.49-11.redhat_1.el8jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", product: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", product_id: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-8.el8jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", product: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", product_id: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-40.el8jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", product: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", product_id: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-11.el8jbcs?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.57-13.el7jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.57-13.el7jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-41.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.19-41.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.49-11.redhat_1.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.49-11.redhat_1.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-8.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster-debuginfo@1.3.20-8.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-40.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.3-40.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-11.el7jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.4.24-11.el7jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.57-13.el8jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.57-13.el8jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-tools-debuginfo@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ldap-debuginfo@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html-debuginfo@2.4.57-13.el8jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_session-debuginfo@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ssl-debuginfo@2.4.57-13.el8jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-41.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.19-41.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.49-11.redhat_1.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24-debuginfo@1.2.49-11.redhat_1.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-8.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster-debuginfo@1.3.20-8.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-40.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.3-40.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-11.el8jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.4.24-11.el8jbcs?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", product: { name: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", product_id: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.57-13.el7jbcs?arch=noarch", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", product: { name: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", product_id: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.57-13.el8jbcs?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", }, product_reference: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", }, product_reference: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", }, product_reference: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", }, product_reference: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", }, product_reference: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", }, product_reference: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", }, product_reference: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", }, product_reference: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", }, product_reference: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", }, product_reference: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", }, product_reference: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", }, product_reference: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", }, product_reference: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", }, product_reference: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38473", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:36+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295012", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. Due to an encoding problem, specially crafted request URLs with incorrect encoding can be sent to backend services, potentially bypassing authentication.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Encoding problem in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations where mechanisms other than ProxyPass/ProxyPassMatch or RewriteRule with the 'P' flag are used to configure a request to be proxied, such as SetHandler or inadvertent proxying via CVE-2024-39573. Note that these alternate mechanisms may be used within .htaccess files.\n\nFor more information about CVE-2024-39573, see https://access.redhat.com/security/cve/CVE-2024-39573.\n\nAdditionally, this flaw requires mod_proxy to be loaded and being used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38473", }, { category: "external", summary: "RHBZ#2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38473", url: "https://www.cve.org/CVERecord?id=CVE-2024-38473", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:18:01+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Encoding problem in mod_proxy", }, { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:18:01+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:18:01+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38476", cwe: { id: "CWE-829", name: "Inclusion of Functionality from Untrusted Control Sphere", }, discovery_date: "2024-07-01T19:22:16+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295015", }, ], notes: [ { category: "description", text: "A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery (SSRF) or local script execution.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Security issues via backend applications whose response headers are malicious or exploitable", title: "Vulnerability summary", }, { category: "other", text: "This flaw can only be exploited by backend applications via malicious or exploitable response headers. For this reason, this flaw was rated with an important and not critical severity.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38476", }, { category: "external", summary: "RHBZ#2295015", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295015", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38476", url: "https://www.cve.org/CVERecord?id=CVE-2024-38476", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38476", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38476", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38476", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38476", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:18:01+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Security issues via backend applications whose response headers are malicious or exploitable", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:18:01+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-07-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295022", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the mod_proxy module.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Potential SSRF in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive.\n\nAdditionally, this flaw requires mod_rewrite and mod_proxy to be loaded and being used. These modules can be disabled via the configuration file if their functionality are not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39573", }, { category: "external", summary: "RHBZ#2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39573", url: "https://www.cve.org/CVERecord?id=CVE-2024-39573", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:18:01+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Potential SSRF in mod_rewrite", }, ], }
RHSA-2024:4862
Vulnerability from csaf_redhat
Published
2024-07-25 08:41
Modified
2025-01-09 06:22
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for httpd is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4862", url: "https://access.redhat.com/errata/RHSA-2024:4862", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4862.json", }, ], title: "Red Hat Security Advisory: httpd security update", tracking: { current_release_date: "2025-01-09T06:22:55+00:00", generator: { date: "2025-01-09T06:22:55+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2024:4862", initial_release_date: "2024-07-25T08:41:39+00:00", revision_history: [ { date: "2024-07-25T08:41:39+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-25T08:41:39+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T06:22:55+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream EUS (v.9.2)", product: { name: "Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_eus:9.2::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-11.el9_2.8.src", product: { name: "httpd-0:2.4.53-11.el9_2.8.src", product_id: "httpd-0:2.4.53-11.el9_2.8.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.8?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-core-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-core-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-devel-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-devel-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-tools-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-tools-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_ldap-0:2.4.53-11.el9_2.8.aarch64", product_id: "mod_ldap-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_lua-0:2.4.53-11.el9_2.8.aarch64", product_id: "mod_lua-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", product_id: "mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.53-11.el9_2.8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_session-0:2.4.53-11.el9_2.8.aarch64", product_id: "mod_session-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_ssl-1:2.4.53-11.el9_2.8.aarch64", product_id: "mod_ssl-1:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.53-11.el9_2.8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_id: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_id: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", product_id: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-11.el9_2.8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_id: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", product_id: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-11.el9_2.8?arch=aarch64&epoch=1", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-core-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-core-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_lua-0:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_lua-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.53-11.el9_2.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_session-0:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_session-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.53-11.el9_2.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-core-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-core-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-devel-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-devel-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-tools-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-tools-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_ldap-0:2.4.53-11.el9_2.8.x86_64", product_id: "mod_ldap-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_lua-0:2.4.53-11.el9_2.8.x86_64", product_id: "mod_lua-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", product_id: "mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.53-11.el9_2.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_session-0:2.4.53-11.el9_2.8.x86_64", product_id: "mod_session-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_ssl-1:2.4.53-11.el9_2.8.x86_64", product_id: "mod_ssl-1:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.53-11.el9_2.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_id: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-11.el9_2.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_id: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-11.el9_2.8?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-core-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-core-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-devel-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-devel-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-tools-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-tools-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.53-11.el9_2.8.s390x", product: { name: "mod_ldap-0:2.4.53-11.el9_2.8.s390x", product_id: "mod_ldap-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.53-11.el9_2.8.s390x", product: { name: "mod_lua-0:2.4.53-11.el9_2.8.s390x", product_id: "mod_lua-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", product: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", product_id: "mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.53-11.el9_2.8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.53-11.el9_2.8.s390x", product: { name: "mod_session-0:2.4.53-11.el9_2.8.s390x", product_id: "mod_session-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.53-11.el9_2.8.s390x", product: { name: "mod_ssl-1:2.4.53-11.el9_2.8.s390x", product_id: "mod_ssl-1:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.53-11.el9_2.8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", product: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_id: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", product: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_id: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", product: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", product_id: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-11.el9_2.8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", product: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_id: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", product: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", product_id: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-11.el9_2.8?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", product: { name: "httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", product_id: "httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.53-11.el9_2.8?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.53-11.el9_2.8.noarch", product: { name: "httpd-manual-0:2.4.53-11.el9_2.8.noarch", product_id: "httpd-manual-0:2.4.53-11.el9_2.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.53-11.el9_2.8?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-11.el9_2.8.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", }, product_reference: "httpd-0:2.4.53-11.el9_2.8.src", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-core-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-core-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-core-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-core-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-devel-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-devel-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-devel-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.53-11.el9_2.8.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", }, product_reference: "httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.53-11.el9_2.8.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", }, product_reference: "httpd-manual-0:2.4.53-11.el9_2.8.noarch", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-tools-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-tools-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-tools-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_ldap-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_ldap-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_ldap-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_lua-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_lua-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_lua-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_lua-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_session-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_session-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_session-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_session-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_ssl-1:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_ssl-1:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_ssl-1:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-25T08:41:39+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4862", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-25T08:41:39+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4862", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-25T08:41:39+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4862", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
rhsa-2024:4720
Vulnerability from csaf_redhat
Published
2024-07-23 08:57
Modified
2025-03-28 15:29
Summary
Red Hat Security Advisory: httpd:2.4 security update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Encoding problem in mod_proxy (CVE-2024-38473)
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
* httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Encoding problem in mod_proxy (CVE-2024-38473)\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\n* httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4720", url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4720.json", }, ], title: "Red Hat Security Advisory: httpd:2.4 security update", tracking: { current_release_date: "2025-03-28T15:29:55+00:00", generator: { date: "2025-03-28T15:29:55+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:4720", initial_release_date: "2024-07-23T08:57:47+00:00", revision_history: [ { date: "2024-07-23T08:57:47+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-23T08:57:47+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-28T15:29:55+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 8)", product: { name: "Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd:2.4:8100020240712114234:489197e6", product: { name: "httpd:2.4:8100020240712114234:489197e6", product_id: "httpd:2.4:8100020240712114234:489197e6", product_identification_helper: { purl: "pkg:rpmmod/redhat/httpd@2.4:8100020240712114234:489197e6", }, }, }, { category: "product_version", name: "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", product: { name: "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", product_id: "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", product: { name: "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", product_id: "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", product: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", product_id: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=src", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", product: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", product_id: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=src", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", product: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", product_id: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product_id: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product_id: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product_id: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product_id: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product_id: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product_id: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product_id: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product_id: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product_id: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product_id: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product_id: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product_id: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product_id: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product_id: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product_id: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product_id: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64&epoch=1", }, }, }, ], category: "architecture", name: "aarch64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, product_reference: "httpd:2.4:8100020240712114234:489197e6", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", }, product_reference: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", }, product_reference: "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", }, product_reference: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", }, product_reference: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", }, product_reference: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", }, product_reference: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", }, product_reference: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", }, product_reference: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", }, product_reference: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", }, product_reference: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", }, product_reference: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", }, product_reference: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", }, product_reference: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", }, product_reference: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38473", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:36+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295012", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. Due to an encoding problem, specially crafted request URLs with incorrect encoding can be sent to backend services, potentially bypassing authentication.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Encoding problem in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations where mechanisms other than ProxyPass/ProxyPassMatch or RewriteRule with the 'P' flag are used to configure a request to be proxied, such as SetHandler or inadvertent proxying via CVE-2024-39573. Note that these alternate mechanisms may be used within .htaccess files.\n\nFor more information about CVE-2024-39573, see https://access.redhat.com/security/cve/CVE-2024-39573.\n\nAdditionally, this flaw requires mod_proxy to be loaded and being used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38473", }, { category: "external", summary: "RHBZ#2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38473", url: "https://www.cve.org/CVERecord?id=CVE-2024-38473", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:57:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Encoding problem in mod_proxy", }, { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:57:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:57:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:57:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-07-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295022", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the mod_proxy module.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Potential SSRF in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive.\n\nAdditionally, this flaw requires mod_rewrite and mod_proxy to be loaded and being used. These modules can be disabled via the configuration file if their functionality are not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39573", }, { category: "external", summary: "RHBZ#2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39573", url: "https://www.cve.org/CVERecord?id=CVE-2024-39573", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:57:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Potential SSRF in mod_rewrite", }, ], }
rhsa-2024:5240
Vulnerability from csaf_redhat
Published
2024-08-13 13:06
Modified
2025-01-09 06:23
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP5 security update
Notes
Topic
Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.
Security Fix(es):
* jbcs-httpd24-httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
* jbcs-httpd24-httpd: null pointer dereference in mod_proxy (CVE-2024-38477)
* jbcs-httpd24-httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* jbcs-httpd24-httpd: Encoding problem in mod_proxy (CVE-2024-38473)
* jbcs-httpd24-httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* jbcs-httpd24-httpd: Security issues via backend applications whose response headers are malicious or exploitable (CVE-2024-38476)
A Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.\n\nSecurity Fix(es):\n\n* jbcs-httpd24-httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)\n* jbcs-httpd24-httpd: null pointer dereference in mod_proxy (CVE-2024-38477)\n* jbcs-httpd24-httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n* jbcs-httpd24-httpd: Encoding problem in mod_proxy (CVE-2024-38473)\n* jbcs-httpd24-httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n* jbcs-httpd24-httpd: Security issues via backend applications whose response headers are malicious or exploitable (CVE-2024-38476)\n\nA Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:5240", url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.57/html/red_hat_jboss_core_services_apache_http_server_2.4.57_service_pack_5_release_notes/index", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.57/html/red_hat_jboss_core_services_apache_http_server_2.4.57_service_pack_5_release_notes/index", }, { category: "external", summary: "2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295015", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295015", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5240.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP5 security update", tracking: { current_release_date: "2025-01-09T06:23:19+00:00", generator: { date: "2025-01-09T06:23:19+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2024:5240", initial_release_date: "2024-08-13T13:06:23+00:00", revision_history: [ { date: "2024-08-13T13:06:23+00:00", number: "1", summary: "Initial version", }, { date: "2024-08-13T13:06:24+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T06:23:19+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Text-Only JBCS", product: { name: "Text-Only JBCS", product_id: "Text-Only JBCS", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_core_services:1", }, }, }, ], category: "product_family", name: "Red Hat JBoss Core Services", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38473", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:36+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295012", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. Due to an encoding problem, specially crafted request URLs with incorrect encoding can be sent to backend services, potentially bypassing authentication.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Encoding problem in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations where mechanisms other than ProxyPass/ProxyPassMatch or RewriteRule with the 'P' flag are used to configure a request to be proxied, such as SetHandler or inadvertent proxying via CVE-2024-39573. Note that these alternate mechanisms may be used within .htaccess files.\n\nFor more information about CVE-2024-39573, see https://access.redhat.com/security/cve/CVE-2024-39573.\n\nAdditionally, this flaw requires mod_proxy to be loaded and being used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only JBCS", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38473", }, { category: "external", summary: "RHBZ#2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38473", url: "https://www.cve.org/CVERecord?id=CVE-2024-38473", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:06:23+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.", product_ids: [ "Text-Only JBCS", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Text-Only JBCS", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "Text-Only JBCS", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Encoding problem in mod_proxy", }, { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only JBCS", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:06:23+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.", product_ids: [ "Text-Only JBCS", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "Text-Only JBCS", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Text-Only JBCS", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only JBCS", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:06:23+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.", product_ids: [ "Text-Only JBCS", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "Text-Only JBCS", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "Text-Only JBCS", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38476", cwe: { id: "CWE-829", name: "Inclusion of Functionality from Untrusted Control Sphere", }, discovery_date: "2024-07-01T19:22:16+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295015", }, ], notes: [ { category: "description", text: "A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery (SSRF) or local script execution.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Security issues via backend applications whose response headers are malicious or exploitable", title: "Vulnerability summary", }, { category: "other", text: "This flaw can only be exploited by backend applications via malicious or exploitable response headers. For this reason, this flaw was rated with an important and not critical severity.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only JBCS", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38476", }, { category: "external", summary: "RHBZ#2295015", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295015", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38476", url: "https://www.cve.org/CVERecord?id=CVE-2024-38476", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38476", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38476", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38476", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38476", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:06:23+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.", product_ids: [ "Text-Only JBCS", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "Text-Only JBCS", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "Text-Only JBCS", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Security issues via backend applications whose response headers are malicious or exploitable", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only JBCS", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:06:23+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.", product_ids: [ "Text-Only JBCS", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "Text-Only JBCS", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Text-Only JBCS", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-07-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295022", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the mod_proxy module.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Potential SSRF in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive.\n\nAdditionally, this flaw requires mod_rewrite and mod_proxy to be loaded and being used. These modules can be disabled via the configuration file if their functionality are not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only JBCS", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39573", }, { category: "external", summary: "RHBZ#2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39573", url: "https://www.cve.org/CVERecord?id=CVE-2024-39573", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:06:23+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.", product_ids: [ "Text-Only JBCS", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Text-Only JBCS", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "Text-Only JBCS", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Potential SSRF in mod_rewrite", }, ], }
RHSA-2024:5239
Vulnerability from csaf_redhat
Published
2024-08-13 13:18
Modified
2025-01-09 06:23
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP5 security update
Notes
Topic
Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.
Security Fix(es):
* jbcs-httpd24-httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
* jbcs-httpd24-httpd: null pointer dereference in mod_proxy (CVE-2024-38477)
* jbcs-httpd24-httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* jbcs-httpd24-httpd: Encoding problem in mod_proxy (CVE-2024-38473)
* jbcs-httpd24-httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* jbcs-httpd24-httpd: Security issues via backend applications whose response headers are malicious or exploitable (CVE-2024-38476)
A Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.\n\nSecurity Fix(es):\n\n* jbcs-httpd24-httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)\n* jbcs-httpd24-httpd: null pointer dereference in mod_proxy (CVE-2024-38477)\n* jbcs-httpd24-httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n* jbcs-httpd24-httpd: Encoding problem in mod_proxy (CVE-2024-38473)\n* jbcs-httpd24-httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n* jbcs-httpd24-httpd: Security issues via backend applications whose response headers are malicious or exploitable (CVE-2024-38476)\n\nA Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:5239", url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.57/html/red_hat_jboss_core_services_apache_http_server_2.4.57_service_pack_5_release_notes/index", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.57/html/red_hat_jboss_core_services_apache_http_server_2.4.57_service_pack_5_release_notes/index", }, { category: "external", summary: "2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295015", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295015", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5239.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP5 security update", tracking: { current_release_date: "2025-01-09T06:23:09+00:00", generator: { date: "2025-01-09T06:23:09+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2024:5239", initial_release_date: "2024-08-13T13:18:01+00:00", revision_history: [ { date: "2024-08-13T13:18:01+00:00", number: "1", summary: "Initial version", }, { date: "2024-08-13T13:18:01+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T06:23:09+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Core Services on RHEL 7 Server", product: { name: "Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_core_services:1::el7", }, }, }, { category: "product_name", name: "Red Hat JBoss Core Services on RHEL 8", product: { name: "Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_core_services:1::el8", }, }, }, ], category: "product_family", name: "Red Hat JBoss Core Services", }, { branches: [ { category: "product_version", name: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", product: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", product_id: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-13.el7jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", product: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", product_id: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-41.el7jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", product: { name: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", product_id: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.49-11.redhat_1.el7jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", product: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", product_id: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-8.el7jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", product: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", product_id: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-40.el7jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", product: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", product_id: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-11.el7jbcs?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", product: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", product_id: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-13.el8jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", product: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", product_id: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-41.el8jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", product: { name: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", product_id: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.49-11.redhat_1.el8jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", product: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", product_id: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-8.el8jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", product: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", product_id: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-40.el8jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", product: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", product_id: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-11.el8jbcs?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.57-13.el7jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.57-13.el7jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-41.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.19-41.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.49-11.redhat_1.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.49-11.redhat_1.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-8.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster-debuginfo@1.3.20-8.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-40.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.3-40.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-11.el7jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.4.24-11.el7jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.57-13.el8jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.57-13.el8jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-tools-debuginfo@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ldap-debuginfo@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html-debuginfo@2.4.57-13.el8jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_session-debuginfo@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ssl-debuginfo@2.4.57-13.el8jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-41.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.19-41.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.49-11.redhat_1.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24-debuginfo@1.2.49-11.redhat_1.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-8.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster-debuginfo@1.3.20-8.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-40.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.3-40.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-11.el8jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.4.24-11.el8jbcs?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", product: { name: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", product_id: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.57-13.el7jbcs?arch=noarch", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", product: { name: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", product_id: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.57-13.el8jbcs?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", }, product_reference: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", }, product_reference: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", }, product_reference: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", }, product_reference: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", }, product_reference: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", }, product_reference: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", }, product_reference: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", }, product_reference: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", }, product_reference: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", }, product_reference: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", }, product_reference: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", }, product_reference: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", }, product_reference: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", }, product_reference: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38473", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:36+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295012", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. Due to an encoding problem, specially crafted request URLs with incorrect encoding can be sent to backend services, potentially bypassing authentication.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Encoding problem in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations where mechanisms other than ProxyPass/ProxyPassMatch or RewriteRule with the 'P' flag are used to configure a request to be proxied, such as SetHandler or inadvertent proxying via CVE-2024-39573. Note that these alternate mechanisms may be used within .htaccess files.\n\nFor more information about CVE-2024-39573, see https://access.redhat.com/security/cve/CVE-2024-39573.\n\nAdditionally, this flaw requires mod_proxy to be loaded and being used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38473", }, { category: "external", summary: "RHBZ#2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38473", url: "https://www.cve.org/CVERecord?id=CVE-2024-38473", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:18:01+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Encoding problem in mod_proxy", }, { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:18:01+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:18:01+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38476", cwe: { id: "CWE-829", name: "Inclusion of Functionality from Untrusted Control Sphere", }, discovery_date: "2024-07-01T19:22:16+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295015", }, ], notes: [ { category: "description", text: "A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery (SSRF) or local script execution.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Security issues via backend applications whose response headers are malicious or exploitable", title: "Vulnerability summary", }, { category: "other", text: "This flaw can only be exploited by backend applications via malicious or exploitable response headers. For this reason, this flaw was rated with an important and not critical severity.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38476", }, { category: "external", summary: "RHBZ#2295015", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295015", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38476", url: "https://www.cve.org/CVERecord?id=CVE-2024-38476", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38476", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38476", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38476", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38476", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:18:01+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Security issues via backend applications whose response headers are malicious or exploitable", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:18:01+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-07-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295022", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the mod_proxy module.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Potential SSRF in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive.\n\nAdditionally, this flaw requires mod_rewrite and mod_proxy to be loaded and being used. These modules can be disabled via the configuration file if their functionality are not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39573", }, { category: "external", summary: "RHBZ#2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39573", url: "https://www.cve.org/CVERecord?id=CVE-2024-39573", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:18:01+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Potential SSRF in mod_rewrite", }, ], }
rhsa-2024:4830
Vulnerability from csaf_redhat
Published
2024-07-24 14:05
Modified
2025-01-09 06:22
Summary
Red Hat Security Advisory: httpd:2.4 security update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4830", url: "https://access.redhat.com/errata/RHSA-2024:4830", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4830.json", }, ], title: "Red Hat Security Advisory: httpd:2.4 security update", tracking: { current_release_date: "2025-01-09T06:22:34+00:00", generator: { date: "2025-01-09T06:22:34+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2024:4830", initial_release_date: "2024-07-24T14:05:13+00:00", revision_history: [ { date: "2024-07-24T14:05:13+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-24T14:05:13+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T06:22:34+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream AUS (v.8.4)", product: { name: "Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_aus:8.4::appstream", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux AppStream E4S (v.8.4)", product: { name: "Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_e4s:8.4::appstream", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux AppStream TUS (v.8.4)", product: { name: "Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_tus:8.4::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd:2.4:8040020240720035525:522a0ee4", product: { name: "httpd:2.4:8040020240720035525:522a0ee4", product_id: "httpd:2.4:8040020240720035525:522a0ee4", product_identification_helper: { purl: "pkg:rpmmod/redhat/httpd@2.4:8040020240720035525:522a0ee4", }, }, }, { category: "product_version", name: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", product: { name: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", product_id: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", product: { name: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", product_id: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", product: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", product_id: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=src", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", product: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", product_id: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=src", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product_id: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product: { name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product_id: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product: { name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product_id: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product_id: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product: { name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product_id: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product: { name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product_id: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, product_reference: "httpd:2.4:8040020240720035525:522a0ee4", relates_to_product_reference: "AppStream-8.4.0.Z.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", }, product_reference: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, product_reference: "httpd:2.4:8040020240720035525:522a0ee4", relates_to_product_reference: "AppStream-8.4.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", }, product_reference: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", }, product_reference: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", }, product_reference: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, product_reference: "httpd:2.4:8040020240720035525:522a0ee4", relates_to_product_reference: "AppStream-8.4.0.Z.TUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", }, product_reference: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T14:05:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4830", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T14:05:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4830", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T14:05:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4830", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
RHSA-2024:4726
Vulnerability from csaf_redhat
Published
2024-07-23 13:24
Modified
2025-03-28 15:30
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: null pointer dereference in mod_proxy (CVE-2024-38477)
* httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
* httpd: Encoding problem in mod_proxy (CVE-2024-38473)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for httpd is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: null pointer dereference in mod_proxy (CVE-2024-38477)\n\n* httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)\n\n* httpd: Encoding problem in mod_proxy (CVE-2024-38473)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4726", url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4726.json", }, ], title: "Red Hat Security Advisory: httpd security update", tracking: { current_release_date: "2025-03-28T15:30:08+00:00", generator: { date: "2025-03-28T15:30:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:4726", initial_release_date: "2024-07-23T13:24:43+00:00", revision_history: [ { date: "2024-07-23T13:24:43+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-23T13:24:43+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-28T15:30:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 9)", product: { name: "Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:9::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.57-11.el9_4.src", product: { name: "httpd-0:2.4.57-11.el9_4.src", product_id: "httpd-0:2.4.57-11.el9_4.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-core-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-core-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-devel-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-devel-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-tools-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-tools-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.57-11.el9_4.aarch64", product: { name: "mod_ldap-0:2.4.57-11.el9_4.aarch64", product_id: "mod_ldap-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.57-11.el9_4.aarch64", product: { name: "mod_lua-0:2.4.57-11.el9_4.aarch64", product_id: "mod_lua-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.57-11.el9_4.aarch64", product: { name: "mod_proxy_html-1:2.4.57-11.el9_4.aarch64", product_id: "mod_proxy_html-1:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.57-11.el9_4?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.57-11.el9_4.aarch64", product: { name: "mod_session-0:2.4.57-11.el9_4.aarch64", product_id: "mod_session-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.57-11.el9_4.aarch64", product: { name: "mod_ssl-1:2.4.57-11.el9_4.aarch64", product_id: "mod_ssl-1:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.57-11.el9_4?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-debugsource-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-debugsource-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", product: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", product_id: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", product: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", product_id: "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", product: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", product_id: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.57-11.el9_4?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", product: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", product_id: "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", product: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", product_id: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.57-11.el9_4?arch=aarch64&epoch=1", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-core-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-core-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-devel-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-devel-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-tools-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-tools-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.57-11.el9_4.ppc64le", product: { name: "mod_ldap-0:2.4.57-11.el9_4.ppc64le", product_id: "mod_ldap-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.57-11.el9_4.ppc64le", product: { name: "mod_lua-0:2.4.57-11.el9_4.ppc64le", product_id: "mod_lua-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", product: { name: "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", product_id: "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.57-11.el9_4?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.57-11.el9_4.ppc64le", product: { name: "mod_session-0:2.4.57-11.el9_4.ppc64le", product_id: "mod_session-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.57-11.el9_4.ppc64le", product: { name: "mod_ssl-1:2.4.57-11.el9_4.ppc64le", product_id: "mod_ssl-1:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.57-11.el9_4?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", product: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_id: "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.57-11.el9_4?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_id: "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.57-11.el9_4?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-core-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-core-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-devel-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-devel-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-tools-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-tools-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.57-11.el9_4.x86_64", product: { name: "mod_ldap-0:2.4.57-11.el9_4.x86_64", product_id: "mod_ldap-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.57-11.el9_4.x86_64", product: { name: "mod_lua-0:2.4.57-11.el9_4.x86_64", product_id: "mod_lua-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.57-11.el9_4.x86_64", product: { name: "mod_proxy_html-1:2.4.57-11.el9_4.x86_64", product_id: "mod_proxy_html-1:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.57-11.el9_4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.57-11.el9_4.x86_64", product: { name: "mod_session-0:2.4.57-11.el9_4.x86_64", product_id: "mod_session-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.57-11.el9_4.x86_64", product: { name: "mod_ssl-1:2.4.57-11.el9_4.x86_64", product_id: "mod_ssl-1:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.57-11.el9_4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-debugsource-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-debugsource-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", product: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", product_id: "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.57-11.el9_4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", product: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", product_id: "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.57-11.el9_4?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-0:2.4.57-11.el9_4.s390x", product_id: "httpd-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-core-0:2.4.57-11.el9_4.s390x", product_id: "httpd-core-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-devel-0:2.4.57-11.el9_4.s390x", product_id: "httpd-devel-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-tools-0:2.4.57-11.el9_4.s390x", product_id: "httpd-tools-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.57-11.el9_4.s390x", product: { name: "mod_ldap-0:2.4.57-11.el9_4.s390x", product_id: "mod_ldap-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.57-11.el9_4.s390x", product: { name: "mod_lua-0:2.4.57-11.el9_4.s390x", product_id: "mod_lua-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.57-11.el9_4.s390x", product: { name: "mod_proxy_html-1:2.4.57-11.el9_4.s390x", product_id: "mod_proxy_html-1:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.57-11.el9_4?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.57-11.el9_4.s390x", product: { name: "mod_session-0:2.4.57-11.el9_4.s390x", product_id: "mod_session-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.57-11.el9_4.s390x", product: { name: "mod_ssl-1:2.4.57-11.el9_4.s390x", product_id: "mod_ssl-1:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.57-11.el9_4?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-debugsource-0:2.4.57-11.el9_4.s390x", product_id: "httpd-debugsource-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", product_id: "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.s390x", product_id: "httpd-debuginfo-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", product_id: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", product: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", product_id: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", product: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", product_id: "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", product: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", product_id: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.57-11.el9_4?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", product: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", product_id: "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", product: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", product_id: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.57-11.el9_4?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-filesystem-0:2.4.57-11.el9_4.noarch", product: { name: "httpd-filesystem-0:2.4.57-11.el9_4.noarch", product_id: "httpd-filesystem-0:2.4.57-11.el9_4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.57-11.el9_4?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.57-11.el9_4.noarch", product: { name: "httpd-manual-0:2.4.57-11.el9_4.noarch", product_id: "httpd-manual-0:2.4.57-11.el9_4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.57-11.el9_4?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.57-11.el9_4.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", }, product_reference: "httpd-0:2.4.57-11.el9_4.src", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-core-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-core-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-core-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-core-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-debuginfo-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-debugsource-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-debugsource-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-debugsource-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-devel-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-devel-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-devel-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-devel-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.57-11.el9_4.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", }, product_reference: "httpd-filesystem-0:2.4.57-11.el9_4.noarch", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.57-11.el9_4.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", }, product_reference: "httpd-manual-0:2.4.57-11.el9_4.noarch", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-tools-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-tools-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-tools-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-tools-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_ldap-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_ldap-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", }, product_reference: "mod_ldap-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_ldap-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", }, product_reference: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_lua-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_lua-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", }, product_reference: "mod_lua-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_lua-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", }, product_reference: "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_proxy_html-1:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", }, product_reference: "mod_proxy_html-1:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_proxy_html-1:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_session-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_session-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", }, product_reference: "mod_session-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_session-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", }, product_reference: "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_ssl-1:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_ssl-1:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", }, product_reference: "mod_ssl-1:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_ssl-1:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", }, product_reference: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38473", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:36+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295012", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. Due to an encoding problem, specially crafted request URLs with incorrect encoding can be sent to backend services, potentially bypassing authentication.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Encoding problem in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations where mechanisms other than ProxyPass/ProxyPassMatch or RewriteRule with the 'P' flag are used to configure a request to be proxied, such as SetHandler or inadvertent proxying via CVE-2024-39573. Note that these alternate mechanisms may be used within .htaccess files.\n\nFor more information about CVE-2024-39573, see https://access.redhat.com/security/cve/CVE-2024-39573.\n\nAdditionally, this flaw requires mod_proxy to be loaded and being used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38473", }, { category: "external", summary: "RHBZ#2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38473", url: "https://www.cve.org/CVERecord?id=CVE-2024-38473", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T13:24:43+00:00", details: "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Encoding problem in mod_proxy", }, { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T13:24:43+00:00", details: "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T13:24:43+00:00", details: "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T13:24:43+00:00", details: "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-07-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295022", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the mod_proxy module.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Potential SSRF in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive.\n\nAdditionally, this flaw requires mod_rewrite and mod_proxy to be loaded and being used. These modules can be disabled via the configuration file if their functionality are not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39573", }, { category: "external", summary: "RHBZ#2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39573", url: "https://www.cve.org/CVERecord?id=CVE-2024-39573", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T13:24:43+00:00", details: "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Potential SSRF in mod_rewrite", }, ], }
rhsa-2024:4719
Vulnerability from csaf_redhat
Published
2024-07-23 08:59
Modified
2025-01-09 06:23
Summary
Red Hat Security Advisory: httpd:2.4 security update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4719", url: "https://access.redhat.com/errata/RHSA-2024:4719", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4719.json", }, ], title: "Red Hat Security Advisory: httpd:2.4 security update", tracking: { current_release_date: "2025-01-09T06:23:25+00:00", generator: { date: "2025-01-09T06:23:25+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2024:4719", initial_release_date: "2024-07-23T08:59:27+00:00", revision_history: [ { date: "2024-07-23T08:59:27+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-23T08:59:27+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T06:23:25+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream EUS (v.8.8)", product: { name: "Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_eus:8.8::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd:2.4:8080020240717184413:63b34585", product: { name: "httpd:2.4:8080020240717184413:63b34585", product_id: "httpd:2.4:8080020240717184413:63b34585", product_identification_helper: { purl: "pkg:rpmmod/redhat/httpd@2.4:8080020240717184413:63b34585", }, }, }, { category: "product_version", name: "httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", product: { name: "httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", product_id: "httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", product: { name: "httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", product_id: "httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", product: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", product_id: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=src", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", product: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", product_id: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=src", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product_id: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product_id: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product_id: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product_id: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product_id: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product_id: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product_id: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product_id: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product_id: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product_id: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product_id: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product_id: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64&epoch=1", }, }, }, ], category: "architecture", name: "aarch64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, product_reference: "httpd:2.4:8080020240717184413:63b34585", relates_to_product_reference: "AppStream-8.8.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", }, product_reference: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", }, product_reference: "httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", }, product_reference: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", }, product_reference: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", }, product_reference: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", }, product_reference: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", }, product_reference: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", }, product_reference: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", }, product_reference: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", }, product_reference: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", }, product_reference: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", }, product_reference: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:59:27+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4719", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:59:27+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4719", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:59:27+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4719", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
RHSA-2024:4938
Vulnerability from csaf_redhat
Published
2024-07-31 10:23
Modified
2025-01-09 06:23
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for httpd is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4938", url: "https://access.redhat.com/errata/RHSA-2024:4938", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4938.json", }, ], title: "Red Hat Security Advisory: httpd security update", tracking: { current_release_date: "2025-01-09T06:23:16+00:00", generator: { date: "2025-01-09T06:23:16+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2024:4938", initial_release_date: "2024-07-31T10:23:15+00:00", revision_history: [ { date: "2024-07-31T10:23:15+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-31T10:23:15+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T06:23:16+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.7::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-90.el7_7.4.src", product: { name: "httpd-0:2.4.6-90.el7_7.4.src", product_id: "httpd-0:2.4.6-90.el7_7.4.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-90.el7_7.4?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-90.el7_7.4.x86_64", product: { name: "httpd-0:2.4.6-90.el7_7.4.x86_64", product_id: "httpd-0:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-90.el7_7.4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64", product: { name: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64", product_id: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.6-90.el7_7.4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64", product: { name: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64", product_id: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.6-90.el7_7.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-0:2.4.6-90.el7_7.4.x86_64", product: { name: "mod_session-0:2.4.6-90.el7_7.4.x86_64", product_id: "mod_session-0:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.6-90.el7_7.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64", product: { name: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64", product_id: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.6-90.el7_7.4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", product: { name: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", product_id: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.6-90.el7_7.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64", product: { name: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64", product_id: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.6-90.el7_7.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", product: { name: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", product_id: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.6-90.el7_7.4?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-manual-0:2.4.6-90.el7_7.4.noarch", product: { name: "httpd-manual-0:2.4.6-90.el7_7.4.noarch", product_id: "httpd-manual-0:2.4.6-90.el7_7.4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.6-90.el7_7.4?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-90.el7_7.4.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", }, product_reference: "httpd-0:2.4.6-90.el7_7.4.src", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.6-90.el7_7.4.noarch as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", }, product_reference: "httpd-manual-0:2.4.6-90.el7_7.4.noarch", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_session-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-90.el7_7.4.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", }, product_reference: "httpd-0:2.4.6-90.el7_7.4.src", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.6-90.el7_7.4.noarch as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", }, product_reference: "httpd-manual-0:2.4.6-90.el7_7.4.noarch", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_session-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-31T10:23:15+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4938", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-31T10:23:15+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4938", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-31T10:23:15+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4938", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
RHSA-2024:4720
Vulnerability from csaf_redhat
Published
2024-07-23 08:57
Modified
2025-03-28 15:29
Summary
Red Hat Security Advisory: httpd:2.4 security update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Encoding problem in mod_proxy (CVE-2024-38473)
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
* httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Encoding problem in mod_proxy (CVE-2024-38473)\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\n* httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4720", url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4720.json", }, ], title: "Red Hat Security Advisory: httpd:2.4 security update", tracking: { current_release_date: "2025-03-28T15:29:55+00:00", generator: { date: "2025-03-28T15:29:55+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:4720", initial_release_date: "2024-07-23T08:57:47+00:00", revision_history: [ { date: "2024-07-23T08:57:47+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-23T08:57:47+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-28T15:29:55+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 8)", product: { name: "Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd:2.4:8100020240712114234:489197e6", product: { name: "httpd:2.4:8100020240712114234:489197e6", product_id: "httpd:2.4:8100020240712114234:489197e6", product_identification_helper: { purl: "pkg:rpmmod/redhat/httpd@2.4:8100020240712114234:489197e6", }, }, }, { category: "product_version", name: "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", product: { name: "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", product_id: "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", product: { name: "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", product_id: "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", product: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", product_id: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=src", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", product: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", product_id: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=src", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", product: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", product_id: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product_id: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product_id: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product_id: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product_id: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product_id: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product_id: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product_id: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product_id: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product_id: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product_id: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product_id: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product_id: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product_id: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product_id: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product_id: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product_id: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64&epoch=1", }, }, }, ], category: "architecture", name: "aarch64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, product_reference: "httpd:2.4:8100020240712114234:489197e6", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", }, product_reference: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", }, product_reference: "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", }, product_reference: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", }, product_reference: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", }, product_reference: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", }, product_reference: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", }, product_reference: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", }, product_reference: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", }, product_reference: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", }, product_reference: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", }, product_reference: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", }, product_reference: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", }, product_reference: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", }, product_reference: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38473", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:36+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295012", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. Due to an encoding problem, specially crafted request URLs with incorrect encoding can be sent to backend services, potentially bypassing authentication.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Encoding problem in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations where mechanisms other than ProxyPass/ProxyPassMatch or RewriteRule with the 'P' flag are used to configure a request to be proxied, such as SetHandler or inadvertent proxying via CVE-2024-39573. Note that these alternate mechanisms may be used within .htaccess files.\n\nFor more information about CVE-2024-39573, see https://access.redhat.com/security/cve/CVE-2024-39573.\n\nAdditionally, this flaw requires mod_proxy to be loaded and being used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38473", }, { category: "external", summary: "RHBZ#2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38473", url: "https://www.cve.org/CVERecord?id=CVE-2024-38473", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:57:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Encoding problem in mod_proxy", }, { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:57:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:57:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:57:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-07-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295022", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the mod_proxy module.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Potential SSRF in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive.\n\nAdditionally, this flaw requires mod_rewrite and mod_proxy to be loaded and being used. These modules can be disabled via the configuration file if their functionality are not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39573", }, { category: "external", summary: "RHBZ#2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39573", url: "https://www.cve.org/CVERecord?id=CVE-2024-39573", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:57:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Potential SSRF in mod_rewrite", }, ], }
RHSA-2024:4827
Vulnerability from csaf_redhat
Published
2024-07-24 13:18
Modified
2025-01-09 06:22
Summary
Red Hat Security Advisory: httpd:2.4 security update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4827", url: "https://access.redhat.com/errata/RHSA-2024:4827", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4827.json", }, ], title: "Red Hat Security Advisory: httpd:2.4 security update", tracking: { current_release_date: "2025-01-09T06:22:21+00:00", generator: { date: "2025-01-09T06:22:21+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2024:4827", initial_release_date: "2024-07-24T13:18:31+00:00", revision_history: [ { date: "2024-07-24T13:18:31+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-24T13:18:31+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T06:22:21+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream AUS (v.8.6)", product: { name: "Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_aus:8.6::appstream", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux AppStream E4S (v.8.6)", product: { name: "Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_e4s:8.6::appstream", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux AppStream TUS (v.8.6)", product: { name: "Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_tus:8.6::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd:2.4:8060020240719220036:ad008a3a", product: { name: "httpd:2.4:8060020240719220036:ad008a3a", product_id: "httpd:2.4:8060020240719220036:ad008a3a", product_identification_helper: { purl: "pkg:rpmmod/redhat/httpd@2.4:8060020240719220036:ad008a3a", }, }, }, { category: "product_version", name: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", product: { name: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", product_id: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", product: { name: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", product_id: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", product: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", product_id: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=src", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", product: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", product_id: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=src", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product_id: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product_id: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product_id: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product_id: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product_id: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product_id: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product_id: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product_id: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product_id: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product_id: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product_id: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product_id: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64&epoch=1", }, }, }, ], category: "architecture", name: "aarch64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, product_reference: "httpd:2.4:8060020240719220036:ad008a3a", relates_to_product_reference: "AppStream-8.6.0.Z.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", }, product_reference: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, product_reference: "httpd:2.4:8060020240719220036:ad008a3a", relates_to_product_reference: "AppStream-8.6.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", }, product_reference: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", }, product_reference: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", }, product_reference: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", }, product_reference: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", }, product_reference: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", }, product_reference: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, product_reference: "httpd:2.4:8060020240719220036:ad008a3a", relates_to_product_reference: "AppStream-8.6.0.Z.TUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", }, product_reference: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T13:18:31+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4827", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T13:18:31+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4827", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T13:18:31+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4827", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
RHSA-2024:4863
Vulnerability from csaf_redhat
Published
2024-07-25 08:34
Modified
2025-01-09 06:23
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for httpd is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4863", url: "https://access.redhat.com/errata/RHSA-2024:4863", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4863.json", }, ], title: "Red Hat Security Advisory: httpd security update", tracking: { current_release_date: "2025-01-09T06:23:06+00:00", generator: { date: "2025-01-09T06:23:06+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2024:4863", initial_release_date: "2024-07-25T08:34:04+00:00", revision_history: [ { date: "2024-07-25T08:34:04+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-25T08:34:04+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T06:23:06+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream E4S (v.9.0)", product: { name: "Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_e4s:9.0::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.51-7.el9_0.7.src", product: { name: "httpd-0:2.4.51-7.el9_0.7.src", product_id: "httpd-0:2.4.51-7.el9_0.7.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.51-7.el9_0.7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.51-7.el9_0.7.aarch64", product: { name: "httpd-0:2.4.51-7.el9_0.7.aarch64", product_id: "httpd-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.51-7.el9_0.7.aarch64", product: { name: "httpd-devel-0:2.4.51-7.el9_0.7.aarch64", product_id: "httpd-devel-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.51-7.el9_0.7.aarch64", product: { name: "httpd-tools-0:2.4.51-7.el9_0.7.aarch64", product_id: "httpd-tools-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_ldap-0:2.4.51-7.el9_0.7.aarch64", product_id: "mod_ldap-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_lua-0:2.4.51-7.el9_0.7.aarch64", product_id: "mod_lua-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", product_id: "mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.51-7.el9_0.7?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_session-0:2.4.51-7.el9_0.7.aarch64", product_id: "mod_session-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_ssl-1:2.4.51-7.el9_0.7.aarch64", product_id: "mod_ssl-1:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.51-7.el9_0.7?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", product: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", product_id: "httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_id: "httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_id: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_id: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_id: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", product_id: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.51-7.el9_0.7?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_id: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", product_id: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.51-7.el9_0.7?arch=aarch64&epoch=1", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "httpd-0:2.4.51-7.el9_0.7.ppc64le", product_id: "httpd-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", product_id: "httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", product_id: "httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_lua-0:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_lua-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.51-7.el9_0.7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_session-0:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_session-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.51-7.el9_0.7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", product_id: "httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_id: "httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.51-7.el9_0.7.x86_64", product: { name: "httpd-0:2.4.51-7.el9_0.7.x86_64", product_id: "httpd-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.51-7.el9_0.7.x86_64", product: { name: "httpd-devel-0:2.4.51-7.el9_0.7.x86_64", product_id: "httpd-devel-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.51-7.el9_0.7.x86_64", product: { name: "httpd-tools-0:2.4.51-7.el9_0.7.x86_64", product_id: "httpd-tools-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_ldap-0:2.4.51-7.el9_0.7.x86_64", product_id: "mod_ldap-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_lua-0:2.4.51-7.el9_0.7.x86_64", product_id: "mod_lua-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", product_id: "mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.51-7.el9_0.7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_session-0:2.4.51-7.el9_0.7.x86_64", product_id: "mod_session-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_ssl-1:2.4.51-7.el9_0.7.x86_64", product_id: "mod_ssl-1:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.51-7.el9_0.7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", product: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", product_id: "httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_id: "httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_id: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.51-7.el9_0.7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_id: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.51-7.el9_0.7?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.51-7.el9_0.7.s390x", product: { name: "httpd-0:2.4.51-7.el9_0.7.s390x", product_id: "httpd-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.51-7.el9_0.7.s390x", product: { name: "httpd-devel-0:2.4.51-7.el9_0.7.s390x", product_id: "httpd-devel-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.51-7.el9_0.7.s390x", product: { name: "httpd-tools-0:2.4.51-7.el9_0.7.s390x", product_id: "httpd-tools-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.51-7.el9_0.7.s390x", product: { name: "mod_ldap-0:2.4.51-7.el9_0.7.s390x", product_id: "mod_ldap-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.51-7.el9_0.7.s390x", product: { name: "mod_lua-0:2.4.51-7.el9_0.7.s390x", product_id: "mod_lua-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", product: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", product_id: "mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.51-7.el9_0.7?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.51-7.el9_0.7.s390x", product: { name: "mod_session-0:2.4.51-7.el9_0.7.s390x", product_id: "mod_session-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.51-7.el9_0.7.s390x", product: { name: "mod_ssl-1:2.4.51-7.el9_0.7.s390x", product_id: "mod_ssl-1:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.51-7.el9_0.7?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", product: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", product_id: "httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", product: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_id: "httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", product: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_id: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", product: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_id: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", product: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_id: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", product: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", product_id: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.51-7.el9_0.7?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", product: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_id: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", product: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", product_id: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.51-7.el9_0.7?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", product: { name: "httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", product_id: "httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.51-7.el9_0.7?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.51-7.el9_0.7.noarch", product: { name: "httpd-manual-0:2.4.51-7.el9_0.7.noarch", product_id: "httpd-manual-0:2.4.51-7.el9_0.7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.51-7.el9_0.7?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "httpd-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "httpd-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "httpd-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.51-7.el9_0.7.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", }, product_reference: "httpd-0:2.4.51-7.el9_0.7.src", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "httpd-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "httpd-devel-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "httpd-devel-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "httpd-devel-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.51-7.el9_0.7.noarch as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", }, product_reference: "httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.51-7.el9_0.7.noarch as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", }, product_reference: "httpd-manual-0:2.4.51-7.el9_0.7.noarch", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "httpd-tools-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "httpd-tools-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "httpd-tools-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_ldap-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_ldap-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_ldap-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_lua-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_lua-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_lua-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_lua-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_session-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_session-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_session-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_session-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_ssl-1:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_ssl-1:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_ssl-1:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-25T08:34:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4863", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-25T08:34:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4863", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-25T08:34:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4863", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
rhsa-2024:4938
Vulnerability from csaf_redhat
Published
2024-07-31 10:23
Modified
2025-01-09 06:23
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for httpd is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4938", url: "https://access.redhat.com/errata/RHSA-2024:4938", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4938.json", }, ], title: "Red Hat Security Advisory: httpd security update", tracking: { current_release_date: "2025-01-09T06:23:16+00:00", generator: { date: "2025-01-09T06:23:16+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2024:4938", initial_release_date: "2024-07-31T10:23:15+00:00", revision_history: [ { date: "2024-07-31T10:23:15+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-31T10:23:15+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T06:23:16+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.7::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-90.el7_7.4.src", product: { name: "httpd-0:2.4.6-90.el7_7.4.src", product_id: "httpd-0:2.4.6-90.el7_7.4.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-90.el7_7.4?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-90.el7_7.4.x86_64", product: { name: "httpd-0:2.4.6-90.el7_7.4.x86_64", product_id: "httpd-0:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-90.el7_7.4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64", product: { name: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64", product_id: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.6-90.el7_7.4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64", product: { name: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64", product_id: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.6-90.el7_7.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-0:2.4.6-90.el7_7.4.x86_64", product: { name: "mod_session-0:2.4.6-90.el7_7.4.x86_64", product_id: "mod_session-0:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.6-90.el7_7.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64", product: { name: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64", product_id: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.6-90.el7_7.4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", product: { name: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", product_id: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.6-90.el7_7.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64", product: { name: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64", product_id: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.6-90.el7_7.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", product: { name: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", product_id: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.6-90.el7_7.4?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-manual-0:2.4.6-90.el7_7.4.noarch", product: { name: "httpd-manual-0:2.4.6-90.el7_7.4.noarch", product_id: "httpd-manual-0:2.4.6-90.el7_7.4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.6-90.el7_7.4?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-90.el7_7.4.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", }, product_reference: "httpd-0:2.4.6-90.el7_7.4.src", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.6-90.el7_7.4.noarch as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", }, product_reference: "httpd-manual-0:2.4.6-90.el7_7.4.noarch", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_session-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-90.el7_7.4.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", }, product_reference: "httpd-0:2.4.6-90.el7_7.4.src", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.6-90.el7_7.4.noarch as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", }, product_reference: "httpd-manual-0:2.4.6-90.el7_7.4.noarch", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_session-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-31T10:23:15+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4938", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-31T10:23:15+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4938", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-31T10:23:15+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4938", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
rhsa-2024:4943
Vulnerability from csaf_redhat
Published
2024-07-31 14:59
Modified
2025-03-28 15:17
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for httpd is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4943", url: "https://access.redhat.com/errata/RHSA-2024:4943", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4943.json", }, ], title: "Red Hat Security Advisory: httpd security update", tracking: { current_release_date: "2025-03-28T15:17:58+00:00", generator: { date: "2025-03-28T15:17:58+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:4943", initial_release_date: "2024-07-31T14:59:20+00:00", revision_history: [ { date: "2024-07-31T14:59:20+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-31T14:59:20+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-28T15:17:58+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7 ELS)", product: { name: "Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_els:7", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_els:7", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-99.el7_9.2.src", product: { name: "httpd-0:2.4.6-99.el7_9.2.src", product_id: "httpd-0:2.4.6-99.el7_9.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-99.el7_9.2?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-99.el7_9.2.x86_64", product: { name: "httpd-0:2.4.6-99.el7_9.2.x86_64", product_id: "httpd-0:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-99.el7_9.2?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64", product: { name: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64", product_id: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.6-99.el7_9.2?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64", product: { name: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64", product_id: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.6-99.el7_9.2?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-0:2.4.6-99.el7_9.2.x86_64", product: { name: "mod_session-0:2.4.6-99.el7_9.2.x86_64", product_id: "mod_session-0:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.6-99.el7_9.2?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64", product: { name: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64", product_id: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.6-99.el7_9.2?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", product: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", product_id: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.6-99.el7_9.2?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64", product: { name: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64", product_id: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.6-99.el7_9.2?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", product: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", product_id: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.6-99.el7_9.2?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-99.el7_9.2.ppc64le", product: { name: "httpd-0:2.4.6-99.el7_9.2.ppc64le", product_id: "httpd-0:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-99.el7_9.2?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", product: { name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", product_id: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.6-99.el7_9.2?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", product: { name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", product_id: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.6-99.el7_9.2?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_session-0:2.4.6-99.el7_9.2.ppc64le", product: { name: "mod_session-0:2.4.6-99.el7_9.2.ppc64le", product_id: "mod_session-0:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.6-99.el7_9.2?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", product: { name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", product_id: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.6-99.el7_9.2?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", product: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", product_id: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.6-99.el7_9.2?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", product: { name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", product_id: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.6-99.el7_9.2?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", product: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", product_id: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.6-99.el7_9.2?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-99.el7_9.2.ppc64", product: { name: "httpd-0:2.4.6-99.el7_9.2.ppc64", product_id: "httpd-0:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-99.el7_9.2?arch=ppc64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64", product: { name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64", product_id: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.6-99.el7_9.2?arch=ppc64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64", product: { name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64", product_id: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.6-99.el7_9.2?arch=ppc64", }, }, }, { category: "product_version", name: "mod_session-0:2.4.6-99.el7_9.2.ppc64", product: { name: "mod_session-0:2.4.6-99.el7_9.2.ppc64", product_id: "mod_session-0:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.6-99.el7_9.2?arch=ppc64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64", product: { name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64", product_id: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.6-99.el7_9.2?arch=ppc64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", product: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", product_id: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.6-99.el7_9.2?arch=ppc64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64", product: { name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64", product_id: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.6-99.el7_9.2?arch=ppc64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", product: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", product_id: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.6-99.el7_9.2?arch=ppc64&epoch=1", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-99.el7_9.2.s390x", product: { name: "httpd-0:2.4.6-99.el7_9.2.s390x", product_id: "httpd-0:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-99.el7_9.2?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.6-99.el7_9.2.s390x", product: { name: "httpd-devel-0:2.4.6-99.el7_9.2.s390x", product_id: "httpd-devel-0:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.6-99.el7_9.2?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.6-99.el7_9.2.s390x", product: { name: "httpd-tools-0:2.4.6-99.el7_9.2.s390x", product_id: "httpd-tools-0:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.6-99.el7_9.2?arch=s390x", }, }, }, { category: "product_version", name: "mod_session-0:2.4.6-99.el7_9.2.s390x", product: { name: "mod_session-0:2.4.6-99.el7_9.2.s390x", product_id: "mod_session-0:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.6-99.el7_9.2?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.6-99.el7_9.2.s390x", product: { name: "mod_ssl-1:2.4.6-99.el7_9.2.s390x", product_id: "mod_ssl-1:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.6-99.el7_9.2?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", product: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", product_id: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.6-99.el7_9.2?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.6-99.el7_9.2.s390x", product: { name: "mod_ldap-0:2.4.6-99.el7_9.2.s390x", product_id: "mod_ldap-0:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.6-99.el7_9.2?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", product: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", product_id: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.6-99.el7_9.2?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-manual-0:2.4.6-99.el7_9.2.noarch", product: { name: "httpd-manual-0:2.4.6-99.el7_9.2.noarch", product_id: "httpd-manual-0:2.4.6-99.el7_9.2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.6-99.el7_9.2?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.src as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.src", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.6-99.el7_9.2.noarch as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", }, product_reference: "httpd-manual-0:2.4.6-99.el7_9.2.noarch", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.src as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.src", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.6-99.el7_9.2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", }, product_reference: "httpd-manual-0:2.4.6-99.el7_9.2.noarch", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-31T14:59:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4943", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-31T14:59:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4943", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-31T14:59:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4943", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
rhsa-2024_4827
Vulnerability from csaf_redhat
Published
2024-07-24 13:18
Modified
2024-12-17 09:15
Summary
Red Hat Security Advisory: httpd:2.4 security update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4827", url: "https://access.redhat.com/errata/RHSA-2024:4827", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4827.json", }, ], title: "Red Hat Security Advisory: httpd:2.4 security update", tracking: { current_release_date: "2024-12-17T09:15:43+00:00", generator: { date: "2024-12-17T09:15:43+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:4827", initial_release_date: "2024-07-24T13:18:31+00:00", revision_history: [ { date: "2024-07-24T13:18:31+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-24T13:18:31+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T09:15:43+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream AUS (v.8.6)", product: { name: "Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_aus:8.6::appstream", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux AppStream E4S (v.8.6)", product: { name: "Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_e4s:8.6::appstream", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux AppStream TUS (v.8.6)", product: { name: "Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_tus:8.6::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd:2.4:8060020240719220036:ad008a3a", product: { name: "httpd:2.4:8060020240719220036:ad008a3a", product_id: "httpd:2.4:8060020240719220036:ad008a3a", product_identification_helper: { purl: "pkg:rpmmod/redhat/httpd@2.4:8060020240719220036:ad008a3a", }, }, }, { category: "product_version", name: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", product: { name: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", product_id: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", product: { name: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", product_id: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", product: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", product_id: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=src", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", product: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", product_id: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=src", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product_id: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product_id: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product_id: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product_id: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product_id: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product_id: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product_id: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product_id: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product_id: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product_id: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product_id: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product_id: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64&epoch=1", }, }, }, ], category: "architecture", name: "aarch64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, product_reference: "httpd:2.4:8060020240719220036:ad008a3a", relates_to_product_reference: "AppStream-8.6.0.Z.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", }, product_reference: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, product_reference: "httpd:2.4:8060020240719220036:ad008a3a", relates_to_product_reference: "AppStream-8.6.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", }, product_reference: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", }, product_reference: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", }, product_reference: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", }, product_reference: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", }, product_reference: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", }, product_reference: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, product_reference: "httpd:2.4:8060020240719220036:ad008a3a", relates_to_product_reference: "AppStream-8.6.0.Z.TUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", }, product_reference: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T13:18:31+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4827", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T13:18:31+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4827", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T13:18:31+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4827", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
rhsa-2024:5239
Vulnerability from csaf_redhat
Published
2024-08-13 13:18
Modified
2025-01-09 06:23
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP5 security update
Notes
Topic
Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.
Security Fix(es):
* jbcs-httpd24-httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
* jbcs-httpd24-httpd: null pointer dereference in mod_proxy (CVE-2024-38477)
* jbcs-httpd24-httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* jbcs-httpd24-httpd: Encoding problem in mod_proxy (CVE-2024-38473)
* jbcs-httpd24-httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* jbcs-httpd24-httpd: Security issues via backend applications whose response headers are malicious or exploitable (CVE-2024-38476)
A Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.\n\nSecurity Fix(es):\n\n* jbcs-httpd24-httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)\n* jbcs-httpd24-httpd: null pointer dereference in mod_proxy (CVE-2024-38477)\n* jbcs-httpd24-httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n* jbcs-httpd24-httpd: Encoding problem in mod_proxy (CVE-2024-38473)\n* jbcs-httpd24-httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n* jbcs-httpd24-httpd: Security issues via backend applications whose response headers are malicious or exploitable (CVE-2024-38476)\n\nA Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:5239", url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.57/html/red_hat_jboss_core_services_apache_http_server_2.4.57_service_pack_5_release_notes/index", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.57/html/red_hat_jboss_core_services_apache_http_server_2.4.57_service_pack_5_release_notes/index", }, { category: "external", summary: "2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295015", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295015", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5239.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP5 security update", tracking: { current_release_date: "2025-01-09T06:23:09+00:00", generator: { date: "2025-01-09T06:23:09+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2024:5239", initial_release_date: "2024-08-13T13:18:01+00:00", revision_history: [ { date: "2024-08-13T13:18:01+00:00", number: "1", summary: "Initial version", }, { date: "2024-08-13T13:18:01+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T06:23:09+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Core Services on RHEL 7 Server", product: { name: "Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_core_services:1::el7", }, }, }, { category: "product_name", name: "Red Hat JBoss Core Services on RHEL 8", product: { name: "Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_core_services:1::el8", }, }, }, ], category: "product_family", name: "Red Hat JBoss Core Services", }, { branches: [ { category: "product_version", name: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", product: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", product_id: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-13.el7jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", product: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", product_id: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-41.el7jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", product: { name: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", product_id: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.49-11.redhat_1.el7jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", product: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", product_id: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-8.el7jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", product: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", product_id: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-40.el7jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", product: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", product_id: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-11.el7jbcs?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", product: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", product_id: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-13.el8jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", product: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", product_id: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-41.el8jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", product: { name: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", product_id: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.49-11.redhat_1.el8jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", product: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", product_id: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-8.el8jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", product: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", product_id: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-40.el8jbcs?arch=src", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", product: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", product_id: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-11.el8jbcs?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.57-13.el7jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.57-13.el7jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", product_id: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.57-13.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-41.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.19-41.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.49-11.redhat_1.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.49-11.redhat_1.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-8.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster-debuginfo@1.3.20-8.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-40.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.3-40.el7jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-11.el7jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", product: { name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", product_id: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.4.24-11.el7jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.57-13.el8jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.57-13.el8jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-tools-debuginfo@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ldap-debuginfo@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html-debuginfo@2.4.57-13.el8jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_session-debuginfo@2.4.57-13.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ssl-debuginfo@2.4.57-13.el8jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-41.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.19-41.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.49-11.redhat_1.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24-debuginfo@1.2.49-11.redhat_1.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.20-8.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster-debuginfo@1.3.20-8.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-40.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.3-40.el8jbcs?arch=x86_64", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.24-11.el8jbcs?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", product: { name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", product_id: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.4.24-11.el8jbcs?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", product: { name: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", product_id: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.57-13.el7jbcs?arch=noarch", }, }, }, { category: "product_version", name: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", product: { name: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", product_id: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.57-13.el8jbcs?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", }, product_reference: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", }, product_reference: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", }, product_reference: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", }, product_reference: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", }, product_reference: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", }, product_reference: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", }, product_reference: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", product_id: "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", relates_to_product_reference: "7Server-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", }, product_reference: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", }, product_reference: "jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", }, product_reference: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", }, product_reference: "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", }, product_reference: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", }, product_reference: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", }, product_reference: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, { category: "default_component_of", full_product_name: { name: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8", product_id: "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", }, product_reference: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", relates_to_product_reference: "8Base-JBCS", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38473", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:36+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295012", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. Due to an encoding problem, specially crafted request URLs with incorrect encoding can be sent to backend services, potentially bypassing authentication.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Encoding problem in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations where mechanisms other than ProxyPass/ProxyPassMatch or RewriteRule with the 'P' flag are used to configure a request to be proxied, such as SetHandler or inadvertent proxying via CVE-2024-39573. Note that these alternate mechanisms may be used within .htaccess files.\n\nFor more information about CVE-2024-39573, see https://access.redhat.com/security/cve/CVE-2024-39573.\n\nAdditionally, this flaw requires mod_proxy to be loaded and being used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38473", }, { category: "external", summary: "RHBZ#2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38473", url: "https://www.cve.org/CVERecord?id=CVE-2024-38473", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:18:01+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Encoding problem in mod_proxy", }, { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:18:01+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:18:01+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38476", cwe: { id: "CWE-829", name: "Inclusion of Functionality from Untrusted Control Sphere", }, discovery_date: "2024-07-01T19:22:16+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295015", }, ], notes: [ { category: "description", text: "A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery (SSRF) or local script execution.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Security issues via backend applications whose response headers are malicious or exploitable", title: "Vulnerability summary", }, { category: "other", text: "This flaw can only be exploited by backend applications via malicious or exploitable response headers. For this reason, this flaw was rated with an important and not critical severity.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38476", }, { category: "external", summary: "RHBZ#2295015", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295015", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38476", url: "https://www.cve.org/CVERecord?id=CVE-2024-38476", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38476", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38476", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38476", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38476", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:18:01+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Security issues via backend applications whose response headers are malicious or exploitable", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:18:01+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-07-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295022", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the mod_proxy module.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Potential SSRF in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive.\n\nAdditionally, this flaw requires mod_rewrite and mod_proxy to be loaded and being used. These modules can be disabled via the configuration file if their functionality are not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39573", }, { category: "external", summary: "RHBZ#2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39573", url: "https://www.cve.org/CVERecord?id=CVE-2024-39573", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:18:01+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el7jbcs.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.49-11.redhat_1.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el7jbcs.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el7jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.57-13.el8jbcs.noarch", "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-41.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.49-11.redhat_1.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.24-11.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.20-8.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.src", "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-40.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.57-13.el8jbcs.x86_64", "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.57-13.el8jbcs.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Potential SSRF in mod_rewrite", }, ], }
rhsa-2024_4820
Vulnerability from csaf_redhat
Published
2024-07-24 12:40
Modified
2024-12-17 09:16
Summary
Red Hat Security Advisory: httpd:2.4 security update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4820", url: "https://access.redhat.com/errata/RHSA-2024:4820", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4820.json", }, ], title: "Red Hat Security Advisory: httpd:2.4 security update", tracking: { current_release_date: "2024-12-17T09:16:07+00:00", generator: { date: "2024-12-17T09:16:07+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:4820", initial_release_date: "2024-07-24T12:40:36+00:00", revision_history: [ { date: "2024-07-24T12:40:36+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-24T12:40:36+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T09:16:07+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product: { name: "Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_aus:8.2::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd:2.4:8020020240720043142:4cda2c84", product: { name: "httpd:2.4:8020020240720043142:4cda2c84", product_id: "httpd:2.4:8020020240720043142:4cda2c84", product_identification_helper: { purl: "pkg:rpmmod/redhat/httpd@2.4:8020020240720043142:4cda2c84", }, }, }, { category: "product_version", name: "httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", product: { name: "httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", product_id: "httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", product: { name: "httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", product_id: "httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", product: { name: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", product_id: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=src", }, }, }, { category: "product_version", name: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", product: { name: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", product_id: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.11.3-3.module%2Bel8.2.0%2B22123%2Bcf5a147c.4?arch=src", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", product: { name: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", product_id: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-7.module%2Bel8.2.0%2B5531%2B7e4d69a2?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product: { name: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product_id: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.11.3-3.module%2Bel8.2.0%2B22123%2Bcf5a147c.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product: { name: "mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product_id: "mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.11.3-3.module%2Bel8.2.0%2B22123%2Bcf5a147c.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product: { name: "mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product_id: "mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.11.3-3.module%2Bel8.2.0%2B22123%2Bcf5a147c.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product: { name: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product_id: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-7.module%2Bel8.2.0%2B5531%2B7e4d69a2?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product: { name: "mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product_id: "mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-7.module%2Bel8.2.0%2B5531%2B7e4d69a2?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product: { name: "mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product_id: "mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-7.module%2Bel8.2.0%2B5531%2B7e4d69a2?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, product_reference: "httpd:2.4:8020020240720043142:4cda2c84", relates_to_product_reference: "AppStream-8.2.0.Z.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", }, product_reference: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", }, product_reference: "httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", }, product_reference: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", }, product_reference: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", }, product_reference: "mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", }, product_reference: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", }, product_reference: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T12:40:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4820", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T12:40:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4820", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T12:40:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4820", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
rhsa-2024_4938
Vulnerability from csaf_redhat
Published
2024-07-31 10:23
Modified
2024-12-17 09:16
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for httpd is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4938", url: "https://access.redhat.com/errata/RHSA-2024:4938", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4938.json", }, ], title: "Red Hat Security Advisory: httpd security update", tracking: { current_release_date: "2024-12-17T09:16:42+00:00", generator: { date: "2024-12-17T09:16:42+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:4938", initial_release_date: "2024-07-31T10:23:15+00:00", revision_history: [ { date: "2024-07-31T10:23:15+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-31T10:23:15+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T09:16:42+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.7::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-90.el7_7.4.src", product: { name: "httpd-0:2.4.6-90.el7_7.4.src", product_id: "httpd-0:2.4.6-90.el7_7.4.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-90.el7_7.4?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-90.el7_7.4.x86_64", product: { name: "httpd-0:2.4.6-90.el7_7.4.x86_64", product_id: "httpd-0:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-90.el7_7.4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64", product: { name: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64", product_id: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.6-90.el7_7.4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64", product: { name: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64", product_id: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.6-90.el7_7.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-0:2.4.6-90.el7_7.4.x86_64", product: { name: "mod_session-0:2.4.6-90.el7_7.4.x86_64", product_id: "mod_session-0:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.6-90.el7_7.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64", product: { name: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64", product_id: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.6-90.el7_7.4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", product: { name: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", product_id: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.6-90.el7_7.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64", product: { name: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64", product_id: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.6-90.el7_7.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", product: { name: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", product_id: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.6-90.el7_7.4?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-manual-0:2.4.6-90.el7_7.4.noarch", product: { name: "httpd-manual-0:2.4.6-90.el7_7.4.noarch", product_id: "httpd-manual-0:2.4.6-90.el7_7.4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.6-90.el7_7.4?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-90.el7_7.4.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", }, product_reference: "httpd-0:2.4.6-90.el7_7.4.src", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.6-90.el7_7.4.noarch as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", }, product_reference: "httpd-manual-0:2.4.6-90.el7_7.4.noarch", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_session-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)", product_id: "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-90.el7_7.4.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", }, product_reference: "httpd-0:2.4.6-90.el7_7.4.src", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-devel-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.6-90.el7_7.4.noarch as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", }, product_reference: "httpd-manual-0:2.4.6-90.el7_7.4.noarch", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "httpd-tools-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_ldap-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_session-0:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.7)", product_id: "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", }, product_reference: "mod_ssl-1:2.4.6-90.el7_7.4.x86_64", relates_to_product_reference: "7Server-optional-7.7.AUS", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-31T10:23:15+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4938", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-31T10:23:15+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4938", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-31T10:23:15+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4938", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.src", "7Server-optional-7.7.AUS:httpd-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-debuginfo-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-devel-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:httpd-manual-0:2.4.6-90.el7_7.4.noarch", "7Server-optional-7.7.AUS:httpd-tools-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ldap-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_proxy_html-1:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_session-0:2.4.6-90.el7_7.4.x86_64", "7Server-optional-7.7.AUS:mod_ssl-1:2.4.6-90.el7_7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
rhsa-2024:4726
Vulnerability from csaf_redhat
Published
2024-07-23 13:24
Modified
2025-03-28 15:30
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: null pointer dereference in mod_proxy (CVE-2024-38477)
* httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
* httpd: Encoding problem in mod_proxy (CVE-2024-38473)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for httpd is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: null pointer dereference in mod_proxy (CVE-2024-38477)\n\n* httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)\n\n* httpd: Encoding problem in mod_proxy (CVE-2024-38473)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4726", url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4726.json", }, ], title: "Red Hat Security Advisory: httpd security update", tracking: { current_release_date: "2025-03-28T15:30:08+00:00", generator: { date: "2025-03-28T15:30:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:4726", initial_release_date: "2024-07-23T13:24:43+00:00", revision_history: [ { date: "2024-07-23T13:24:43+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-23T13:24:43+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-28T15:30:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 9)", product: { name: "Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:9::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.57-11.el9_4.src", product: { name: "httpd-0:2.4.57-11.el9_4.src", product_id: "httpd-0:2.4.57-11.el9_4.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-core-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-core-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-devel-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-devel-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-tools-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-tools-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.57-11.el9_4.aarch64", product: { name: "mod_ldap-0:2.4.57-11.el9_4.aarch64", product_id: "mod_ldap-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.57-11.el9_4.aarch64", product: { name: "mod_lua-0:2.4.57-11.el9_4.aarch64", product_id: "mod_lua-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.57-11.el9_4.aarch64", product: { name: "mod_proxy_html-1:2.4.57-11.el9_4.aarch64", product_id: "mod_proxy_html-1:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.57-11.el9_4?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.57-11.el9_4.aarch64", product: { name: "mod_session-0:2.4.57-11.el9_4.aarch64", product_id: "mod_session-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.57-11.el9_4.aarch64", product: { name: "mod_ssl-1:2.4.57-11.el9_4.aarch64", product_id: "mod_ssl-1:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.57-11.el9_4?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-debugsource-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-debugsource-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", product: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", product_id: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", product: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", product_id: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", product: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", product_id: "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", product: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", product_id: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.57-11.el9_4?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", product: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", product_id: "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.57-11.el9_4?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", product: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", product_id: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.57-11.el9_4?arch=aarch64&epoch=1", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-core-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-core-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-devel-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-devel-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-tools-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-tools-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.57-11.el9_4.ppc64le", product: { name: "mod_ldap-0:2.4.57-11.el9_4.ppc64le", product_id: "mod_ldap-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.57-11.el9_4.ppc64le", product: { name: "mod_lua-0:2.4.57-11.el9_4.ppc64le", product_id: "mod_lua-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", product: { name: "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", product_id: "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.57-11.el9_4?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.57-11.el9_4.ppc64le", product: { name: "mod_session-0:2.4.57-11.el9_4.ppc64le", product_id: "mod_session-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.57-11.el9_4.ppc64le", product: { name: "mod_ssl-1:2.4.57-11.el9_4.ppc64le", product_id: "mod_ssl-1:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.57-11.el9_4?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", product: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_id: "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.57-11.el9_4?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_id: "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.57-11.el9_4?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.57-11.el9_4?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-core-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-core-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-devel-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-devel-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-tools-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-tools-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.57-11.el9_4.x86_64", product: { name: "mod_ldap-0:2.4.57-11.el9_4.x86_64", product_id: "mod_ldap-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.57-11.el9_4.x86_64", product: { name: "mod_lua-0:2.4.57-11.el9_4.x86_64", product_id: "mod_lua-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.57-11.el9_4.x86_64", product: { name: "mod_proxy_html-1:2.4.57-11.el9_4.x86_64", product_id: "mod_proxy_html-1:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.57-11.el9_4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.57-11.el9_4.x86_64", product: { name: "mod_session-0:2.4.57-11.el9_4.x86_64", product_id: "mod_session-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.57-11.el9_4.x86_64", product: { name: "mod_ssl-1:2.4.57-11.el9_4.x86_64", product_id: "mod_ssl-1:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.57-11.el9_4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-debugsource-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-debugsource-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", product: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", product_id: "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.57-11.el9_4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", product: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", product_id: "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.57-11.el9_4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.57-11.el9_4?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-0:2.4.57-11.el9_4.s390x", product_id: "httpd-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-core-0:2.4.57-11.el9_4.s390x", product_id: "httpd-core-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-devel-0:2.4.57-11.el9_4.s390x", product_id: "httpd-devel-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-tools-0:2.4.57-11.el9_4.s390x", product_id: "httpd-tools-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.57-11.el9_4.s390x", product: { name: "mod_ldap-0:2.4.57-11.el9_4.s390x", product_id: "mod_ldap-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.57-11.el9_4.s390x", product: { name: "mod_lua-0:2.4.57-11.el9_4.s390x", product_id: "mod_lua-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.57-11.el9_4.s390x", product: { name: "mod_proxy_html-1:2.4.57-11.el9_4.s390x", product_id: "mod_proxy_html-1:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.57-11.el9_4?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.57-11.el9_4.s390x", product: { name: "mod_session-0:2.4.57-11.el9_4.s390x", product_id: "mod_session-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.57-11.el9_4.s390x", product: { name: "mod_ssl-1:2.4.57-11.el9_4.s390x", product_id: "mod_ssl-1:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.57-11.el9_4?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-debugsource-0:2.4.57-11.el9_4.s390x", product_id: "httpd-debugsource-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", product_id: "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.s390x", product_id: "httpd-debuginfo-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", product: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", product_id: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", product: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", product_id: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", product: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", product_id: "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", product: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", product_id: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.57-11.el9_4?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", product: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", product_id: "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.57-11.el9_4?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", product: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", product_id: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.57-11.el9_4?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-filesystem-0:2.4.57-11.el9_4.noarch", product: { name: "httpd-filesystem-0:2.4.57-11.el9_4.noarch", product_id: "httpd-filesystem-0:2.4.57-11.el9_4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.57-11.el9_4?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.57-11.el9_4.noarch", product: { name: "httpd-manual-0:2.4.57-11.el9_4.noarch", product_id: "httpd-manual-0:2.4.57-11.el9_4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.57-11.el9_4?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.57-11.el9_4.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", }, product_reference: "httpd-0:2.4.57-11.el9_4.src", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-core-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-core-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-core-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-core-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-debuginfo-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-debugsource-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-debugsource-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-debugsource-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-devel-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-devel-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-devel-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-devel-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.57-11.el9_4.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", }, product_reference: "httpd-filesystem-0:2.4.57-11.el9_4.noarch", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.57-11.el9_4.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", }, product_reference: "httpd-manual-0:2.4.57-11.el9_4.noarch", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-tools-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-tools-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-tools-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-tools-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", }, product_reference: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", }, product_reference: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_ldap-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_ldap-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", }, product_reference: "mod_ldap-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_ldap-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", }, product_reference: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_lua-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_lua-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", }, product_reference: "mod_lua-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_lua-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", }, product_reference: "mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_proxy_html-1:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", }, product_reference: "mod_proxy_html-1:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_proxy_html-1:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_session-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_session-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", }, product_reference: "mod_session-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_session-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", }, product_reference: "mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_ssl-1:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_ssl-1:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", }, product_reference: "mod_ssl-1:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_ssl-1:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", }, product_reference: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", }, product_reference: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38473", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:36+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295012", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. Due to an encoding problem, specially crafted request URLs with incorrect encoding can be sent to backend services, potentially bypassing authentication.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Encoding problem in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations where mechanisms other than ProxyPass/ProxyPassMatch or RewriteRule with the 'P' flag are used to configure a request to be proxied, such as SetHandler or inadvertent proxying via CVE-2024-39573. Note that these alternate mechanisms may be used within .htaccess files.\n\nFor more information about CVE-2024-39573, see https://access.redhat.com/security/cve/CVE-2024-39573.\n\nAdditionally, this flaw requires mod_proxy to be loaded and being used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38473", }, { category: "external", summary: "RHBZ#2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38473", url: "https://www.cve.org/CVERecord?id=CVE-2024-38473", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T13:24:43+00:00", details: "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Encoding problem in mod_proxy", }, { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T13:24:43+00:00", details: "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T13:24:43+00:00", details: "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T13:24:43+00:00", details: "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-07-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295022", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the mod_proxy module.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Potential SSRF in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive.\n\nAdditionally, this flaw requires mod_rewrite and mod_proxy to be loaded and being used. These modules can be disabled via the configuration file if their functionality are not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39573", }, { category: "external", summary: "RHBZ#2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39573", url: "https://www.cve.org/CVERecord?id=CVE-2024-39573", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T13:24:43+00:00", details: "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.src", "AppStream-9.4.0.Z.MAIN.EUS:httpd-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-core-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-debugsource-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-devel-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-filesystem-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-manual-0:2.4.57-11.el9_4.noarch", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:httpd-tools-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ldap-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_lua-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_proxy_html-debuginfo-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_session-debuginfo-0:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-1:2.4.57-11.el9_4.x86_64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.aarch64", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.ppc64le", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.s390x", "AppStream-9.4.0.Z.MAIN.EUS:mod_ssl-debuginfo-1:2.4.57-11.el9_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Potential SSRF in mod_rewrite", }, ], }
rhsa-2024_4862
Vulnerability from csaf_redhat
Published
2024-07-25 08:41
Modified
2024-12-17 09:16
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for httpd is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4862", url: "https://access.redhat.com/errata/RHSA-2024:4862", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4862.json", }, ], title: "Red Hat Security Advisory: httpd security update", tracking: { current_release_date: "2024-12-17T09:16:17+00:00", generator: { date: "2024-12-17T09:16:17+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:4862", initial_release_date: "2024-07-25T08:41:39+00:00", revision_history: [ { date: "2024-07-25T08:41:39+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-25T08:41:39+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T09:16:17+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream EUS (v.9.2)", product: { name: "Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_eus:9.2::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-11.el9_2.8.src", product: { name: "httpd-0:2.4.53-11.el9_2.8.src", product_id: "httpd-0:2.4.53-11.el9_2.8.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.8?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-core-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-core-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-devel-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-devel-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-tools-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-tools-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_ldap-0:2.4.53-11.el9_2.8.aarch64", product_id: "mod_ldap-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_lua-0:2.4.53-11.el9_2.8.aarch64", product_id: "mod_lua-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", product_id: "mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.53-11.el9_2.8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_session-0:2.4.53-11.el9_2.8.aarch64", product_id: "mod_session-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_ssl-1:2.4.53-11.el9_2.8.aarch64", product_id: "mod_ssl-1:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.53-11.el9_2.8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_id: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_id: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", product_id: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-11.el9_2.8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_id: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", product_id: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-11.el9_2.8?arch=aarch64&epoch=1", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-core-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-core-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_lua-0:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_lua-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.53-11.el9_2.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_session-0:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_session-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.53-11.el9_2.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-core-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-core-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-devel-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-devel-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-tools-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-tools-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_ldap-0:2.4.53-11.el9_2.8.x86_64", product_id: "mod_ldap-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_lua-0:2.4.53-11.el9_2.8.x86_64", product_id: "mod_lua-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", product_id: "mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.53-11.el9_2.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_session-0:2.4.53-11.el9_2.8.x86_64", product_id: "mod_session-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_ssl-1:2.4.53-11.el9_2.8.x86_64", product_id: "mod_ssl-1:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.53-11.el9_2.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_id: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-11.el9_2.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_id: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-11.el9_2.8?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-core-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-core-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-devel-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-devel-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-tools-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-tools-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.53-11.el9_2.8.s390x", product: { name: "mod_ldap-0:2.4.53-11.el9_2.8.s390x", product_id: "mod_ldap-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.53-11.el9_2.8.s390x", product: { name: "mod_lua-0:2.4.53-11.el9_2.8.s390x", product_id: "mod_lua-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", product: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", product_id: "mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.53-11.el9_2.8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.53-11.el9_2.8.s390x", product: { name: "mod_session-0:2.4.53-11.el9_2.8.s390x", product_id: "mod_session-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.53-11.el9_2.8.s390x", product: { name: "mod_ssl-1:2.4.53-11.el9_2.8.s390x", product_id: "mod_ssl-1:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.53-11.el9_2.8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", product: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_id: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", product: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_id: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", product: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", product_id: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-11.el9_2.8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", product: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_id: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", product: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", product_id: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-11.el9_2.8?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", product: { name: "httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", product_id: "httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.53-11.el9_2.8?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.53-11.el9_2.8.noarch", product: { name: "httpd-manual-0:2.4.53-11.el9_2.8.noarch", product_id: "httpd-manual-0:2.4.53-11.el9_2.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.53-11.el9_2.8?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-11.el9_2.8.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", }, product_reference: "httpd-0:2.4.53-11.el9_2.8.src", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-core-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-core-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-core-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-core-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-devel-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-devel-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-devel-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.53-11.el9_2.8.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", }, product_reference: "httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.53-11.el9_2.8.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", }, product_reference: "httpd-manual-0:2.4.53-11.el9_2.8.noarch", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-tools-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-tools-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-tools-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_ldap-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_ldap-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_ldap-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_lua-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_lua-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_lua-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_lua-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_session-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_session-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_session-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_session-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_ssl-1:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_ssl-1:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_ssl-1:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-25T08:41:39+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4862", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-25T08:41:39+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4862", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-25T08:41:39+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4862", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
rhsa-2024_4863
Vulnerability from csaf_redhat
Published
2024-07-25 08:34
Modified
2024-12-17 09:16
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for httpd is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4863", url: "https://access.redhat.com/errata/RHSA-2024:4863", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4863.json", }, ], title: "Red Hat Security Advisory: httpd security update", tracking: { current_release_date: "2024-12-17T09:16:30+00:00", generator: { date: "2024-12-17T09:16:30+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:4863", initial_release_date: "2024-07-25T08:34:04+00:00", revision_history: [ { date: "2024-07-25T08:34:04+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-25T08:34:04+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T09:16:30+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream E4S (v.9.0)", product: { name: "Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_e4s:9.0::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.51-7.el9_0.7.src", product: { name: "httpd-0:2.4.51-7.el9_0.7.src", product_id: "httpd-0:2.4.51-7.el9_0.7.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.51-7.el9_0.7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.51-7.el9_0.7.aarch64", product: { name: "httpd-0:2.4.51-7.el9_0.7.aarch64", product_id: "httpd-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.51-7.el9_0.7.aarch64", product: { name: "httpd-devel-0:2.4.51-7.el9_0.7.aarch64", product_id: "httpd-devel-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.51-7.el9_0.7.aarch64", product: { name: "httpd-tools-0:2.4.51-7.el9_0.7.aarch64", product_id: "httpd-tools-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_ldap-0:2.4.51-7.el9_0.7.aarch64", product_id: "mod_ldap-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_lua-0:2.4.51-7.el9_0.7.aarch64", product_id: "mod_lua-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", product_id: "mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.51-7.el9_0.7?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_session-0:2.4.51-7.el9_0.7.aarch64", product_id: "mod_session-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_ssl-1:2.4.51-7.el9_0.7.aarch64", product_id: "mod_ssl-1:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.51-7.el9_0.7?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", product: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", product_id: "httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_id: "httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_id: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_id: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_id: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", product_id: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.51-7.el9_0.7?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_id: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.51-7.el9_0.7?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", product: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", product_id: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.51-7.el9_0.7?arch=aarch64&epoch=1", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "httpd-0:2.4.51-7.el9_0.7.ppc64le", product_id: "httpd-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", product_id: "httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", product_id: "httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_lua-0:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_lua-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.51-7.el9_0.7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_session-0:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_session-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.51-7.el9_0.7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", product_id: "httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_id: "httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.51-7.el9_0.7?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.51-7.el9_0.7.x86_64", product: { name: "httpd-0:2.4.51-7.el9_0.7.x86_64", product_id: "httpd-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.51-7.el9_0.7.x86_64", product: { name: "httpd-devel-0:2.4.51-7.el9_0.7.x86_64", product_id: "httpd-devel-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.51-7.el9_0.7.x86_64", product: { name: "httpd-tools-0:2.4.51-7.el9_0.7.x86_64", product_id: "httpd-tools-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_ldap-0:2.4.51-7.el9_0.7.x86_64", product_id: "mod_ldap-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_lua-0:2.4.51-7.el9_0.7.x86_64", product_id: "mod_lua-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", product_id: "mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.51-7.el9_0.7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_session-0:2.4.51-7.el9_0.7.x86_64", product_id: "mod_session-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_ssl-1:2.4.51-7.el9_0.7.x86_64", product_id: "mod_ssl-1:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.51-7.el9_0.7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", product: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", product_id: "httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_id: "httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_id: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.51-7.el9_0.7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_id: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.51-7.el9_0.7?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.51-7.el9_0.7?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.51-7.el9_0.7.s390x", product: { name: "httpd-0:2.4.51-7.el9_0.7.s390x", product_id: "httpd-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.51-7.el9_0.7.s390x", product: { name: "httpd-devel-0:2.4.51-7.el9_0.7.s390x", product_id: "httpd-devel-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.51-7.el9_0.7.s390x", product: { name: "httpd-tools-0:2.4.51-7.el9_0.7.s390x", product_id: "httpd-tools-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.51-7.el9_0.7.s390x", product: { name: "mod_ldap-0:2.4.51-7.el9_0.7.s390x", product_id: "mod_ldap-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.51-7.el9_0.7.s390x", product: { name: "mod_lua-0:2.4.51-7.el9_0.7.s390x", product_id: "mod_lua-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", product: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", product_id: "mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.51-7.el9_0.7?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.51-7.el9_0.7.s390x", product: { name: "mod_session-0:2.4.51-7.el9_0.7.s390x", product_id: "mod_session-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.51-7.el9_0.7.s390x", product: { name: "mod_ssl-1:2.4.51-7.el9_0.7.s390x", product_id: "mod_ssl-1:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.51-7.el9_0.7?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", product: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", product_id: "httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", product: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_id: "httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", product: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_id: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", product: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_id: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", product: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_id: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", product: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", product_id: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.51-7.el9_0.7?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", product: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_id: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.51-7.el9_0.7?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", product: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", product_id: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.51-7.el9_0.7?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", product: { name: "httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", product_id: "httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.51-7.el9_0.7?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.51-7.el9_0.7.noarch", product: { name: "httpd-manual-0:2.4.51-7.el9_0.7.noarch", product_id: "httpd-manual-0:2.4.51-7.el9_0.7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.51-7.el9_0.7?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "httpd-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "httpd-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "httpd-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.51-7.el9_0.7.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", }, product_reference: "httpd-0:2.4.51-7.el9_0.7.src", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "httpd-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "httpd-devel-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "httpd-devel-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "httpd-devel-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.51-7.el9_0.7.noarch as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", }, product_reference: "httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.51-7.el9_0.7.noarch as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", }, product_reference: "httpd-manual-0:2.4.51-7.el9_0.7.noarch", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "httpd-tools-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "httpd-tools-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "httpd-tools-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_ldap-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_ldap-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_ldap-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_lua-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_lua-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_lua-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_lua-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_session-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_session-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_session-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_session-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_ssl-1:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_ssl-1:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_ssl-1:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", }, product_reference: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", }, product_reference: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)", product_id: "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", relates_to_product_reference: "AppStream-9.0.0.Z.E4S", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-25T08:34:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4863", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-25T08:34:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4863", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-25T08:34:04+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4863", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.src", "AppStream-9.0.0.Z.E4S:httpd-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-debugsource-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-devel-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-filesystem-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-manual-0:2.4.51-7.el9_0.7.noarch", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:httpd-tools-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ldap-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_lua-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_proxy_html-debuginfo-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_session-debuginfo-0:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-1:2.4.51-7.el9_0.7.x86_64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.aarch64", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.ppc64le", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.s390x", "AppStream-9.0.0.Z.E4S:mod_ssl-debuginfo-1:2.4.51-7.el9_0.7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
RHSA-2024:4719
Vulnerability from csaf_redhat
Published
2024-07-23 08:59
Modified
2025-01-09 06:23
Summary
Red Hat Security Advisory: httpd:2.4 security update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4719", url: "https://access.redhat.com/errata/RHSA-2024:4719", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4719.json", }, ], title: "Red Hat Security Advisory: httpd:2.4 security update", tracking: { current_release_date: "2025-01-09T06:23:25+00:00", generator: { date: "2025-01-09T06:23:25+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2024:4719", initial_release_date: "2024-07-23T08:59:27+00:00", revision_history: [ { date: "2024-07-23T08:59:27+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-23T08:59:27+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T06:23:25+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream EUS (v.8.8)", product: { name: "Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_eus:8.8::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd:2.4:8080020240717184413:63b34585", product: { name: "httpd:2.4:8080020240717184413:63b34585", product_id: "httpd:2.4:8080020240717184413:63b34585", product_identification_helper: { purl: "pkg:rpmmod/redhat/httpd@2.4:8080020240717184413:63b34585", }, }, }, { category: "product_version", name: "httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", product: { name: "httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", product_id: "httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", product: { name: "httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", product_id: "httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", product: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", product_id: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=src", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", product: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", product_id: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=src", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product_id: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product_id: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product_id: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product_id: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product_id: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product_id: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_id: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product_id: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product_id: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product_id: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product_id: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product_id: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product_id: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-8.module%2Bel8.8.0%2B21773%2B20528f83.5?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_id: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-56.module%2Bel8.8.0%2B22079%2Be03f6970.8?arch=aarch64&epoch=1", }, }, }, ], category: "architecture", name: "aarch64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, product_reference: "httpd:2.4:8080020240717184413:63b34585", relates_to_product_reference: "AppStream-8.8.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", }, product_reference: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", }, product_reference: "httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", }, product_reference: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", }, product_reference: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", }, product_reference: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", }, product_reference: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", }, product_reference: "mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", }, product_reference: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", }, product_reference: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", }, product_reference: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", }, product_reference: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", }, product_reference: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64 as a component of httpd:2.4:8080020240717184413:63b34585 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)", product_id: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", relates_to_product_reference: "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:59:27+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4719", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:59:27+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4719", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:59:27+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4719", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-debugsource-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-devel-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-filesystem-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-manual-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.noarch", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:httpd-tools-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debuginfo-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_http2-debugsource-0:1.15.7-8.module+el8.8.0+21773+20528f83.5.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ldap-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_proxy_html-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_session-debuginfo-0:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.aarch64", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.ppc64le", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.s390x", "AppStream-8.8.0.Z.EUS:httpd:2.4:8080020240717184413:63b34585:mod_ssl-debuginfo-1:2.4.37-56.module+el8.8.0+22079+e03f6970.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
rhsa-2024:4827
Vulnerability from csaf_redhat
Published
2024-07-24 13:18
Modified
2025-01-09 06:22
Summary
Red Hat Security Advisory: httpd:2.4 security update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4827", url: "https://access.redhat.com/errata/RHSA-2024:4827", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4827.json", }, ], title: "Red Hat Security Advisory: httpd:2.4 security update", tracking: { current_release_date: "2025-01-09T06:22:21+00:00", generator: { date: "2025-01-09T06:22:21+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2024:4827", initial_release_date: "2024-07-24T13:18:31+00:00", revision_history: [ { date: "2024-07-24T13:18:31+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-24T13:18:31+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T06:22:21+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream AUS (v.8.6)", product: { name: "Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_aus:8.6::appstream", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux AppStream E4S (v.8.6)", product: { name: "Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_e4s:8.6::appstream", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux AppStream TUS (v.8.6)", product: { name: "Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_tus:8.6::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd:2.4:8060020240719220036:ad008a3a", product: { name: "httpd:2.4:8060020240719220036:ad008a3a", product_id: "httpd:2.4:8060020240719220036:ad008a3a", product_identification_helper: { purl: "pkg:rpmmod/redhat/httpd@2.4:8060020240719220036:ad008a3a", }, }, }, { category: "product_version", name: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", product: { name: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", product_id: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", product: { name: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", product_id: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", product: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", product_id: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=src", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", product: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", product_id: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=src", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product_id: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product_id: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product_id: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product_id: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product_id: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product_id: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_id: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product_id: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product_id: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product_id: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product_id: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product_id: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product_id: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B21746%2Bf601aac0.3?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_id: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B22124%2B21ed7001.9?arch=aarch64&epoch=1", }, }, }, ], category: "architecture", name: "aarch64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, product_reference: "httpd:2.4:8060020240719220036:ad008a3a", relates_to_product_reference: "AppStream-8.6.0.Z.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", }, product_reference: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)", product_id: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, product_reference: "httpd:2.4:8060020240719220036:ad008a3a", relates_to_product_reference: "AppStream-8.6.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", }, product_reference: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", }, product_reference: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", }, product_reference: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", }, product_reference: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", }, product_reference: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", }, product_reference: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)", product_id: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, product_reference: "httpd:2.4:8060020240719220036:ad008a3a", relates_to_product_reference: "AppStream-8.6.0.Z.TUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", }, product_reference: "httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64 as a component of httpd:2.4:8060020240719220036:ad008a3a as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)", product_id: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", relates_to_product_reference: "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T13:18:31+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4827", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T13:18:31+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4827", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T13:18:31+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4827", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.AUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.aarch64", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.ppc64le", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.s390x", "AppStream-8.6.0.Z.E4S:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-debugsource-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-devel-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-filesystem-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-manual-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.noarch", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+21746+f601aac0.3.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", "AppStream-8.6.0.Z.TUS:httpd:2.4:8060020240719220036:ad008a3a:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+22124+21ed7001.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
rhsa-2024:4862
Vulnerability from csaf_redhat
Published
2024-07-25 08:41
Modified
2025-01-09 06:22
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for httpd is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4862", url: "https://access.redhat.com/errata/RHSA-2024:4862", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4862.json", }, ], title: "Red Hat Security Advisory: httpd security update", tracking: { current_release_date: "2025-01-09T06:22:55+00:00", generator: { date: "2025-01-09T06:22:55+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2024:4862", initial_release_date: "2024-07-25T08:41:39+00:00", revision_history: [ { date: "2024-07-25T08:41:39+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-25T08:41:39+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T06:22:55+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream EUS (v.9.2)", product: { name: "Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_eus:9.2::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-11.el9_2.8.src", product: { name: "httpd-0:2.4.53-11.el9_2.8.src", product_id: "httpd-0:2.4.53-11.el9_2.8.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.8?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-core-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-core-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-devel-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-devel-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-tools-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-tools-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_ldap-0:2.4.53-11.el9_2.8.aarch64", product_id: "mod_ldap-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_lua-0:2.4.53-11.el9_2.8.aarch64", product_id: "mod_lua-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", product_id: "mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.53-11.el9_2.8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_session-0:2.4.53-11.el9_2.8.aarch64", product_id: "mod_session-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_ssl-1:2.4.53-11.el9_2.8.aarch64", product_id: "mod_ssl-1:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.53-11.el9_2.8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_id: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_id: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_id: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", product_id: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-11.el9_2.8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_id: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-11.el9_2.8?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", product: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", product_id: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-11.el9_2.8?arch=aarch64&epoch=1", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-core-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-core-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_lua-0:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_lua-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.53-11.el9_2.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_session-0:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_session-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.53-11.el9_2.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-11.el9_2.8?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-core-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-core-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-devel-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-devel-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-tools-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-tools-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_ldap-0:2.4.53-11.el9_2.8.x86_64", product_id: "mod_ldap-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_lua-0:2.4.53-11.el9_2.8.x86_64", product_id: "mod_lua-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", product_id: "mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.53-11.el9_2.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_session-0:2.4.53-11.el9_2.8.x86_64", product_id: "mod_session-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_ssl-1:2.4.53-11.el9_2.8.x86_64", product_id: "mod_ssl-1:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.53-11.el9_2.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_id: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-11.el9_2.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_id: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-11.el9_2.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-11.el9_2.8?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-core-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-core-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-core-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-devel-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-devel-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-tools-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-tools-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.53-11.el9_2.8.s390x", product: { name: "mod_ldap-0:2.4.53-11.el9_2.8.s390x", product_id: "mod_ldap-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-0:2.4.53-11.el9_2.8.s390x", product: { name: "mod_lua-0:2.4.53-11.el9_2.8.s390x", product_id: "mod_lua-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", product: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", product_id: "mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.53-11.el9_2.8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.53-11.el9_2.8.s390x", product: { name: "mod_session-0:2.4.53-11.el9_2.8.s390x", product_id: "mod_session-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.53-11.el9_2.8.s390x", product: { name: "mod_ssl-1:2.4.53-11.el9_2.8.s390x", product_id: "mod_ssl-1:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.53-11.el9_2.8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", product: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_id: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", product: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_id: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", product: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_id: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", product: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", product_id: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-11.el9_2.8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", product: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_id: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-11.el9_2.8?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", product: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", product_id: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-11.el9_2.8?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", product: { name: "httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", product_id: "httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.53-11.el9_2.8?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.53-11.el9_2.8.noarch", product: { name: "httpd-manual-0:2.4.53-11.el9_2.8.noarch", product_id: "httpd-manual-0:2.4.53-11.el9_2.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.53-11.el9_2.8?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-11.el9_2.8.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", }, product_reference: "httpd-0:2.4.53-11.el9_2.8.src", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-core-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-core-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-core-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-core-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-devel-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-devel-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-devel-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.53-11.el9_2.8.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", }, product_reference: "httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.53-11.el9_2.8.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", }, product_reference: "httpd-manual-0:2.4.53-11.el9_2.8.noarch", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-tools-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-tools-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-tools-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_ldap-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_ldap-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_ldap-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_lua-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_lua-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_lua-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_lua-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_session-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_session-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_session-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_session-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_ssl-1:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_ssl-1:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_ssl-1:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", }, product_reference: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", }, product_reference: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)", product_id: "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", relates_to_product_reference: "AppStream-9.2.0.Z.EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-25T08:41:39+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4862", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-25T08:41:39+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4862", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-25T08:41:39+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4862", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.src", "AppStream-9.2.0.Z.EUS:httpd-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-core-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-debugsource-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-devel-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-filesystem-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-manual-0:2.4.53-11.el9_2.8.noarch", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:httpd-tools-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ldap-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_lua-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_proxy_html-debuginfo-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_session-debuginfo-0:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-1:2.4.53-11.el9_2.8.x86_64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.aarch64", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.ppc64le", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.s390x", "AppStream-9.2.0.Z.EUS:mod_ssl-debuginfo-1:2.4.53-11.el9_2.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
rhsa-2024_4830
Vulnerability from csaf_redhat
Published
2024-07-24 14:05
Modified
2024-12-17 09:15
Summary
Red Hat Security Advisory: httpd:2.4 security update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4830", url: "https://access.redhat.com/errata/RHSA-2024:4830", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4830.json", }, ], title: "Red Hat Security Advisory: httpd:2.4 security update", tracking: { current_release_date: "2024-12-17T09:15:56+00:00", generator: { date: "2024-12-17T09:15:56+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:4830", initial_release_date: "2024-07-24T14:05:13+00:00", revision_history: [ { date: "2024-07-24T14:05:13+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-24T14:05:13+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T09:15:56+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream AUS (v.8.4)", product: { name: "Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_aus:8.4::appstream", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux AppStream E4S (v.8.4)", product: { name: "Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_e4s:8.4::appstream", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux AppStream TUS (v.8.4)", product: { name: "Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_tus:8.4::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd:2.4:8040020240720035525:522a0ee4", product: { name: "httpd:2.4:8040020240720035525:522a0ee4", product_id: "httpd:2.4:8040020240720035525:522a0ee4", product_identification_helper: { purl: "pkg:rpmmod/redhat/httpd@2.4:8040020240720035525:522a0ee4", }, }, }, { category: "product_version", name: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", product: { name: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", product_id: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", product: { name: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", product_id: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", product: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", product_id: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=src", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", product: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", product_id: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=src", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product_id: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product: { name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product_id: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product: { name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product_id: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product_id: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product: { name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product_id: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product: { name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product_id: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, product_reference: "httpd:2.4:8040020240720035525:522a0ee4", relates_to_product_reference: "AppStream-8.4.0.Z.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", }, product_reference: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, product_reference: "httpd:2.4:8040020240720035525:522a0ee4", relates_to_product_reference: "AppStream-8.4.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", }, product_reference: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", }, product_reference: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", }, product_reference: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, product_reference: "httpd:2.4:8040020240720035525:522a0ee4", relates_to_product_reference: "AppStream-8.4.0.Z.TUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", }, product_reference: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T14:05:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4830", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T14:05:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4830", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T14:05:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4830", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
RHSA-2024:5240
Vulnerability from csaf_redhat
Published
2024-08-13 13:06
Modified
2025-01-09 06:23
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP5 security update
Notes
Topic
Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.
Security Fix(es):
* jbcs-httpd24-httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
* jbcs-httpd24-httpd: null pointer dereference in mod_proxy (CVE-2024-38477)
* jbcs-httpd24-httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* jbcs-httpd24-httpd: Encoding problem in mod_proxy (CVE-2024-38473)
* jbcs-httpd24-httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* jbcs-httpd24-httpd: Security issues via backend applications whose response headers are malicious or exploitable (CVE-2024-38476)
A Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.\n\nSecurity Fix(es):\n\n* jbcs-httpd24-httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)\n* jbcs-httpd24-httpd: null pointer dereference in mod_proxy (CVE-2024-38477)\n* jbcs-httpd24-httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n* jbcs-httpd24-httpd: Encoding problem in mod_proxy (CVE-2024-38473)\n* jbcs-httpd24-httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n* jbcs-httpd24-httpd: Security issues via backend applications whose response headers are malicious or exploitable (CVE-2024-38476)\n\nA Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:5240", url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.57/html/red_hat_jboss_core_services_apache_http_server_2.4.57_service_pack_5_release_notes/index", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.57/html/red_hat_jboss_core_services_apache_http_server_2.4.57_service_pack_5_release_notes/index", }, { category: "external", summary: "2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295015", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295015", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5240.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP5 security update", tracking: { current_release_date: "2025-01-09T06:23:19+00:00", generator: { date: "2025-01-09T06:23:19+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2024:5240", initial_release_date: "2024-08-13T13:06:23+00:00", revision_history: [ { date: "2024-08-13T13:06:23+00:00", number: "1", summary: "Initial version", }, { date: "2024-08-13T13:06:24+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T06:23:19+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Text-Only JBCS", product: { name: "Text-Only JBCS", product_id: "Text-Only JBCS", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_core_services:1", }, }, }, ], category: "product_family", name: "Red Hat JBoss Core Services", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38473", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:36+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295012", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. Due to an encoding problem, specially crafted request URLs with incorrect encoding can be sent to backend services, potentially bypassing authentication.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Encoding problem in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations where mechanisms other than ProxyPass/ProxyPassMatch or RewriteRule with the 'P' flag are used to configure a request to be proxied, such as SetHandler or inadvertent proxying via CVE-2024-39573. Note that these alternate mechanisms may be used within .htaccess files.\n\nFor more information about CVE-2024-39573, see https://access.redhat.com/security/cve/CVE-2024-39573.\n\nAdditionally, this flaw requires mod_proxy to be loaded and being used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only JBCS", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38473", }, { category: "external", summary: "RHBZ#2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38473", url: "https://www.cve.org/CVERecord?id=CVE-2024-38473", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:06:23+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.", product_ids: [ "Text-Only JBCS", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Text-Only JBCS", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "Text-Only JBCS", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Encoding problem in mod_proxy", }, { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only JBCS", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:06:23+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.", product_ids: [ "Text-Only JBCS", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "Text-Only JBCS", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Text-Only JBCS", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only JBCS", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:06:23+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.", product_ids: [ "Text-Only JBCS", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "Text-Only JBCS", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "Text-Only JBCS", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38476", cwe: { id: "CWE-829", name: "Inclusion of Functionality from Untrusted Control Sphere", }, discovery_date: "2024-07-01T19:22:16+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295015", }, ], notes: [ { category: "description", text: "A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery (SSRF) or local script execution.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Security issues via backend applications whose response headers are malicious or exploitable", title: "Vulnerability summary", }, { category: "other", text: "This flaw can only be exploited by backend applications via malicious or exploitable response headers. For this reason, this flaw was rated with an important and not critical severity.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only JBCS", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38476", }, { category: "external", summary: "RHBZ#2295015", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295015", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38476", url: "https://www.cve.org/CVERecord?id=CVE-2024-38476", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38476", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38476", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38476", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38476", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:06:23+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.", product_ids: [ "Text-Only JBCS", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "Text-Only JBCS", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "Text-Only JBCS", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Security issues via backend applications whose response headers are malicious or exploitable", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only JBCS", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:06:23+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.", product_ids: [ "Text-Only JBCS", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "Text-Only JBCS", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Text-Only JBCS", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-07-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295022", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the mod_proxy module.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Potential SSRF in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive.\n\nAdditionally, this flaw requires mod_rewrite and mod_proxy to be loaded and being used. These modules can be disabled via the configuration file if their functionality are not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only JBCS", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39573", }, { category: "external", summary: "RHBZ#2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39573", url: "https://www.cve.org/CVERecord?id=CVE-2024-39573", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:06:23+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.", product_ids: [ "Text-Only JBCS", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Text-Only JBCS", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "Text-Only JBCS", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Potential SSRF in mod_rewrite", }, ], }
rhsa-2024_5240
Vulnerability from csaf_redhat
Published
2024-08-13 13:06
Modified
2024-12-17 09:15
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP5 security update
Notes
Topic
Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.
Security Fix(es):
* jbcs-httpd24-httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
* jbcs-httpd24-httpd: null pointer dereference in mod_proxy (CVE-2024-38477)
* jbcs-httpd24-httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* jbcs-httpd24-httpd: Encoding problem in mod_proxy (CVE-2024-38473)
* jbcs-httpd24-httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* jbcs-httpd24-httpd: Security issues via backend applications whose response headers are malicious or exploitable (CVE-2024-38476)
A Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.\n\nSecurity Fix(es):\n\n* jbcs-httpd24-httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)\n* jbcs-httpd24-httpd: null pointer dereference in mod_proxy (CVE-2024-38477)\n* jbcs-httpd24-httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n* jbcs-httpd24-httpd: Encoding problem in mod_proxy (CVE-2024-38473)\n* jbcs-httpd24-httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n* jbcs-httpd24-httpd: Security issues via backend applications whose response headers are malicious or exploitable (CVE-2024-38476)\n\nA Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:5240", url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.57/html/red_hat_jboss_core_services_apache_http_server_2.4.57_service_pack_5_release_notes/index", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.57/html/red_hat_jboss_core_services_apache_http_server_2.4.57_service_pack_5_release_notes/index", }, { category: "external", summary: "2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295015", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295015", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5240.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP5 security update", tracking: { current_release_date: "2024-12-17T09:15:32+00:00", generator: { date: "2024-12-17T09:15:32+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:5240", initial_release_date: "2024-08-13T13:06:23+00:00", revision_history: [ { date: "2024-08-13T13:06:23+00:00", number: "1", summary: "Initial version", }, { date: "2024-08-13T13:06:24+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T09:15:32+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Core Services 1", product: { name: "Red Hat JBoss Core Services 1", product_id: "Red Hat JBoss Core Services 1", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_core_services:1", }, }, }, ], category: "product_family", name: "Red Hat JBoss Core Services", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38473", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:36+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295012", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. Due to an encoding problem, specially crafted request URLs with incorrect encoding can be sent to backend services, potentially bypassing authentication.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Encoding problem in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations where mechanisms other than ProxyPass/ProxyPassMatch or RewriteRule with the 'P' flag are used to configure a request to be proxied, such as SetHandler or inadvertent proxying via CVE-2024-39573. Note that these alternate mechanisms may be used within .htaccess files.\n\nFor more information about CVE-2024-39573, see https://access.redhat.com/security/cve/CVE-2024-39573.\n\nAdditionally, this flaw requires mod_proxy to be loaded and being used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Core Services 1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38473", }, { category: "external", summary: "RHBZ#2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38473", url: "https://www.cve.org/CVERecord?id=CVE-2024-38473", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:06:23+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.", product_ids: [ "Red Hat JBoss Core Services 1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat JBoss Core Services 1", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "Red Hat JBoss Core Services 1", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Encoding problem in mod_proxy", }, { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Core Services 1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:06:23+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.", product_ids: [ "Red Hat JBoss Core Services 1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "Red Hat JBoss Core Services 1", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat JBoss Core Services 1", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Core Services 1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:06:23+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.", product_ids: [ "Red Hat JBoss Core Services 1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "Red Hat JBoss Core Services 1", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "Red Hat JBoss Core Services 1", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38476", cwe: { id: "CWE-829", name: "Inclusion of Functionality from Untrusted Control Sphere", }, discovery_date: "2024-07-01T19:22:16+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295015", }, ], notes: [ { category: "description", text: "A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery (SSRF) or local script execution.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Security issues via backend applications whose response headers are malicious or exploitable", title: "Vulnerability summary", }, { category: "other", text: "This flaw can only be exploited by backend applications via malicious or exploitable response headers. For this reason, this flaw was rated with an important and not critical severity.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Core Services 1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38476", }, { category: "external", summary: "RHBZ#2295015", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295015", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38476", url: "https://www.cve.org/CVERecord?id=CVE-2024-38476", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38476", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38476", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38476", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38476", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:06:23+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.", product_ids: [ "Red Hat JBoss Core Services 1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "Red Hat JBoss Core Services 1", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "Red Hat JBoss Core Services 1", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Security issues via backend applications whose response headers are malicious or exploitable", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Core Services 1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:06:23+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.", product_ids: [ "Red Hat JBoss Core Services 1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "Red Hat JBoss Core Services 1", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat JBoss Core Services 1", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-07-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295022", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the mod_proxy module.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Potential SSRF in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive.\n\nAdditionally, this flaw requires mod_rewrite and mod_proxy to be loaded and being used. These modules can be disabled via the configuration file if their functionality are not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Core Services 1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39573", }, { category: "external", summary: "RHBZ#2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39573", url: "https://www.cve.org/CVERecord?id=CVE-2024-39573", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-13T13:06:23+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.", product_ids: [ "Red Hat JBoss Core Services 1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat JBoss Core Services 1", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "Red Hat JBoss Core Services 1", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Potential SSRF in mod_rewrite", }, ], }
rhsa-2024:4820
Vulnerability from csaf_redhat
Published
2024-07-24 12:40
Modified
2025-01-09 06:22
Summary
Red Hat Security Advisory: httpd:2.4 security update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4820", url: "https://access.redhat.com/errata/RHSA-2024:4820", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4820.json", }, ], title: "Red Hat Security Advisory: httpd:2.4 security update", tracking: { current_release_date: "2025-01-09T06:22:44+00:00", generator: { date: "2025-01-09T06:22:44+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2024:4820", initial_release_date: "2024-07-24T12:40:36+00:00", revision_history: [ { date: "2024-07-24T12:40:36+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-24T12:40:36+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T06:22:44+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product: { name: "Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_aus:8.2::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd:2.4:8020020240720043142:4cda2c84", product: { name: "httpd:2.4:8020020240720043142:4cda2c84", product_id: "httpd:2.4:8020020240720043142:4cda2c84", product_identification_helper: { purl: "pkg:rpmmod/redhat/httpd@2.4:8020020240720043142:4cda2c84", }, }, }, { category: "product_version", name: "httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", product: { name: "httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", product_id: "httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", product: { name: "httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", product_id: "httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", product: { name: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", product_id: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=src", }, }, }, { category: "product_version", name: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", product: { name: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", product_id: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.11.3-3.module%2Bel8.2.0%2B22123%2Bcf5a147c.4?arch=src", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", product: { name: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", product_id: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-7.module%2Bel8.2.0%2B5531%2B7e4d69a2?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product: { name: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product_id: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.11.3-3.module%2Bel8.2.0%2B22123%2Bcf5a147c.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product: { name: "mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product_id: "mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.11.3-3.module%2Bel8.2.0%2B22123%2Bcf5a147c.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product: { name: "mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product_id: "mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.11.3-3.module%2Bel8.2.0%2B22123%2Bcf5a147c.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product: { name: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product_id: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-7.module%2Bel8.2.0%2B5531%2B7e4d69a2?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product: { name: "mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product_id: "mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-7.module%2Bel8.2.0%2B5531%2B7e4d69a2?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product: { name: "mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product_id: "mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-7.module%2Bel8.2.0%2B5531%2B7e4d69a2?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, product_reference: "httpd:2.4:8020020240720043142:4cda2c84", relates_to_product_reference: "AppStream-8.2.0.Z.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", }, product_reference: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", }, product_reference: "httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", }, product_reference: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", }, product_reference: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", }, product_reference: "mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", }, product_reference: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", }, product_reference: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T12:40:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4820", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T12:40:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4820", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T12:40:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4820", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
rhsa-2024_4720
Vulnerability from csaf_redhat
Published
2024-07-23 08:57
Modified
2024-12-17 09:15
Summary
Red Hat Security Advisory: httpd:2.4 security update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Encoding problem in mod_proxy (CVE-2024-38473)
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
* httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Encoding problem in mod_proxy (CVE-2024-38473)\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\n* httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4720", url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4720.json", }, ], title: "Red Hat Security Advisory: httpd:2.4 security update", tracking: { current_release_date: "2024-12-17T09:15:08+00:00", generator: { date: "2024-12-17T09:15:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:4720", initial_release_date: "2024-07-23T08:57:47+00:00", revision_history: [ { date: "2024-07-23T08:57:47+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-23T08:57:47+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T09:15:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 8)", product: { name: "Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd:2.4:8100020240712114234:489197e6", product: { name: "httpd:2.4:8100020240712114234:489197e6", product_id: "httpd:2.4:8100020240712114234:489197e6", product_identification_helper: { purl: "pkg:rpmmod/redhat/httpd@2.4:8100020240712114234:489197e6", }, }, }, { category: "product_version", name: "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", product: { name: "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", product_id: "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", product: { name: "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", product_id: "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", product: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", product_id: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=src", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", product: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", product_id: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=src", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", product: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", product_id: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product_id: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product_id: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product_id: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product_id: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product_id: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product_id: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=s390x", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product_id: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product_id: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_id: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product_id: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product_id: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product_id: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product_id: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product_id: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product_id: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=aarch64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product_id: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-10.module%2Bel8.10.0%2B21653%2Beaff63f0?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product_id: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.9.0%2B19080%2B567b90f8?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_id: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-65.module%2Bel8.10.0%2B22069%2Bb47f5c72.1?arch=aarch64&epoch=1", }, }, }, ], category: "architecture", name: "aarch64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, product_reference: "httpd:2.4:8100020240712114234:489197e6", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", }, product_reference: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", }, product_reference: "httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", }, product_reference: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", }, product_reference: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", }, product_reference: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", }, product_reference: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", }, product_reference: "mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", }, product_reference: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", }, product_reference: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", }, product_reference: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", }, product_reference: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", }, product_reference: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", }, product_reference: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", }, product_reference: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64 as a component of httpd:2.4:8100020240712114234:489197e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", relates_to_product_reference: "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38473", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:36+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295012", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. Due to an encoding problem, specially crafted request URLs with incorrect encoding can be sent to backend services, potentially bypassing authentication.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Encoding problem in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations where mechanisms other than ProxyPass/ProxyPassMatch or RewriteRule with the 'P' flag are used to configure a request to be proxied, such as SetHandler or inadvertent proxying via CVE-2024-39573. Note that these alternate mechanisms may be used within .htaccess files.\n\nFor more information about CVE-2024-39573, see https://access.redhat.com/security/cve/CVE-2024-39573.\n\nAdditionally, this flaw requires mod_proxy to be loaded and being used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38473", }, { category: "external", summary: "RHBZ#2295012", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38473", url: "https://www.cve.org/CVERecord?id=CVE-2024-38473", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38473", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38473", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:57:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Encoding problem in mod_proxy", }, { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:57:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:57:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:57:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-07-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295022", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the mod_proxy module.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Potential SSRF in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive.\n\nAdditionally, this flaw requires mod_rewrite and mod_proxy to be loaded and being used. These modules can be disabled via the configuration file if their functionality are not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39573", }, { category: "external", summary: "RHBZ#2295022", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39573", url: "https://www.cve.org/CVERecord?id=CVE-2024-39573", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39573", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-23T08:57:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-debugsource-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-devel-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-filesystem-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-manual-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.noarch", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:httpd-tools-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debuginfo-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_http2-debugsource-0:1.15.7-10.module+el8.10.0+21653+eaff63f0.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ldap-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.src", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debuginfo-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_md-debugsource-1:2.0.8-8.module+el8.9.0+19080+567b90f8.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_proxy_html-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_session-debuginfo-0:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.aarch64", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.ppc64le", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.s390x", "AppStream-8.10.0.Z.MAIN.EUS:httpd:2.4:8100020240712114234:489197e6:mod_ssl-debuginfo-1:2.4.37-65.module+el8.10.0+22069+b47f5c72.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Potential SSRF in mod_rewrite", }, ], }
RHSA-2024:4943
Vulnerability from csaf_redhat
Published
2024-07-31 14:59
Modified
2025-03-28 15:17
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for httpd is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4943", url: "https://access.redhat.com/errata/RHSA-2024:4943", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4943.json", }, ], title: "Red Hat Security Advisory: httpd security update", tracking: { current_release_date: "2025-03-28T15:17:58+00:00", generator: { date: "2025-03-28T15:17:58+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:4943", initial_release_date: "2024-07-31T14:59:20+00:00", revision_history: [ { date: "2024-07-31T14:59:20+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-31T14:59:20+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-28T15:17:58+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7 ELS)", product: { name: "Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_els:7", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_els:7", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-99.el7_9.2.src", product: { name: "httpd-0:2.4.6-99.el7_9.2.src", product_id: "httpd-0:2.4.6-99.el7_9.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-99.el7_9.2?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-99.el7_9.2.x86_64", product: { name: "httpd-0:2.4.6-99.el7_9.2.x86_64", product_id: "httpd-0:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-99.el7_9.2?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64", product: { name: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64", product_id: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.6-99.el7_9.2?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64", product: { name: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64", product_id: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.6-99.el7_9.2?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-0:2.4.6-99.el7_9.2.x86_64", product: { name: "mod_session-0:2.4.6-99.el7_9.2.x86_64", product_id: "mod_session-0:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.6-99.el7_9.2?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64", product: { name: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64", product_id: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.6-99.el7_9.2?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", product: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", product_id: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.6-99.el7_9.2?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64", product: { name: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64", product_id: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.6-99.el7_9.2?arch=x86_64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", product: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", product_id: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.6-99.el7_9.2?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-99.el7_9.2.ppc64le", product: { name: "httpd-0:2.4.6-99.el7_9.2.ppc64le", product_id: "httpd-0:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-99.el7_9.2?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", product: { name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", product_id: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.6-99.el7_9.2?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", product: { name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", product_id: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.6-99.el7_9.2?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_session-0:2.4.6-99.el7_9.2.ppc64le", product: { name: "mod_session-0:2.4.6-99.el7_9.2.ppc64le", product_id: "mod_session-0:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.6-99.el7_9.2?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", product: { name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", product_id: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.6-99.el7_9.2?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", product: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", product_id: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.6-99.el7_9.2?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", product: { name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", product_id: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.6-99.el7_9.2?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", product: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", product_id: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.6-99.el7_9.2?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-99.el7_9.2.ppc64", product: { name: "httpd-0:2.4.6-99.el7_9.2.ppc64", product_id: "httpd-0:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-99.el7_9.2?arch=ppc64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64", product: { name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64", product_id: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.6-99.el7_9.2?arch=ppc64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64", product: { name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64", product_id: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.6-99.el7_9.2?arch=ppc64", }, }, }, { category: "product_version", name: "mod_session-0:2.4.6-99.el7_9.2.ppc64", product: { name: "mod_session-0:2.4.6-99.el7_9.2.ppc64", product_id: "mod_session-0:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.6-99.el7_9.2?arch=ppc64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64", product: { name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64", product_id: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.6-99.el7_9.2?arch=ppc64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", product: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", product_id: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.6-99.el7_9.2?arch=ppc64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64", product: { name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64", product_id: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.6-99.el7_9.2?arch=ppc64", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", product: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", product_id: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.6-99.el7_9.2?arch=ppc64&epoch=1", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.6-99.el7_9.2.s390x", product: { name: "httpd-0:2.4.6-99.el7_9.2.s390x", product_id: "httpd-0:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.6-99.el7_9.2?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.6-99.el7_9.2.s390x", product: { name: "httpd-devel-0:2.4.6-99.el7_9.2.s390x", product_id: "httpd-devel-0:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.6-99.el7_9.2?arch=s390x", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.6-99.el7_9.2.s390x", product: { name: "httpd-tools-0:2.4.6-99.el7_9.2.s390x", product_id: "httpd-tools-0:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.6-99.el7_9.2?arch=s390x", }, }, }, { category: "product_version", name: "mod_session-0:2.4.6-99.el7_9.2.s390x", product: { name: "mod_session-0:2.4.6-99.el7_9.2.s390x", product_id: "mod_session-0:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.6-99.el7_9.2?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.6-99.el7_9.2.s390x", product: { name: "mod_ssl-1:2.4.6-99.el7_9.2.s390x", product_id: "mod_ssl-1:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.6-99.el7_9.2?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", product: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", product_id: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.6-99.el7_9.2?arch=s390x", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.6-99.el7_9.2.s390x", product: { name: "mod_ldap-0:2.4.6-99.el7_9.2.s390x", product_id: "mod_ldap-0:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.6-99.el7_9.2?arch=s390x", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", product: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", product_id: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.6-99.el7_9.2?arch=s390x&epoch=1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-manual-0:2.4.6-99.el7_9.2.noarch", product: { name: "httpd-manual-0:2.4.6-99.el7_9.2.noarch", product_id: "httpd-manual-0:2.4.6-99.el7_9.2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.6-99.el7_9.2?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.src as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.src", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.6-99.el7_9.2.noarch as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", }, product_reference: "httpd-manual-0:2.4.6-99.el7_9.2.noarch", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)", product_id: "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.src as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.src", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-devel-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.6-99.el7_9.2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", }, product_reference: "httpd-manual-0:2.4.6-99.el7_9.2.noarch", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "httpd-tools-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_ldap-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_session-0:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.s390x", relates_to_product_reference: "7Server-optional-ELS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)", product_id: "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", }, product_reference: "mod_ssl-1:2.4.6-99.el7_9.2.x86_64", relates_to_product_reference: "7Server-optional-ELS", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-31T14:59:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4943", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-31T14:59:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4943", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-31T14:59:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4943", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.src", "7Server-optional-ELS:httpd-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-debuginfo-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-devel-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:httpd-manual-0:2.4.6-99.el7_9.2.noarch", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:httpd-tools-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ldap-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_proxy_html-1:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_session-0:2.4.6-99.el7_9.2.x86_64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.ppc64le", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.s390x", "7Server-optional-ELS:mod_ssl-1:2.4.6-99.el7_9.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
RHSA-2024:4830
Vulnerability from csaf_redhat
Published
2024-07-24 14:05
Modified
2025-01-09 06:22
Summary
Red Hat Security Advisory: httpd:2.4 security update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4830", url: "https://access.redhat.com/errata/RHSA-2024:4830", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4830.json", }, ], title: "Red Hat Security Advisory: httpd:2.4 security update", tracking: { current_release_date: "2025-01-09T06:22:34+00:00", generator: { date: "2025-01-09T06:22:34+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2024:4830", initial_release_date: "2024-07-24T14:05:13+00:00", revision_history: [ { date: "2024-07-24T14:05:13+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-24T14:05:13+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T06:22:34+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream AUS (v.8.4)", product: { name: "Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_aus:8.4::appstream", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux AppStream E4S (v.8.4)", product: { name: "Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_e4s:8.4::appstream", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux AppStream TUS (v.8.4)", product: { name: "Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_tus:8.4::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd:2.4:8040020240720035525:522a0ee4", product: { name: "httpd:2.4:8040020240720035525:522a0ee4", product_id: "httpd:2.4:8040020240720035525:522a0ee4", product_identification_helper: { purl: "pkg:rpmmod/redhat/httpd@2.4:8040020240720035525:522a0ee4", }, }, }, { category: "product_version", name: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", product: { name: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", product_id: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", product: { name: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", product_id: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", product: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", product_id: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=src", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", product: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", product_id: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=src", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product_id: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product: { name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product_id: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product: { name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product_id: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product_id: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product: { name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product_id: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product: { name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product_id: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-3.module%2Bel8.4.0%2B21747%2B916a74df.3?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_id: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product: { name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_id: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-39.module%2Bel8.4.0%2B22127%2B467cc488.8?arch=ppc64le&epoch=1", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, product_reference: "httpd:2.4:8040020240720035525:522a0ee4", relates_to_product_reference: "AppStream-8.4.0.Z.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", }, product_reference: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)", product_id: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, product_reference: "httpd:2.4:8040020240720035525:522a0ee4", relates_to_product_reference: "AppStream-8.4.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", }, product_reference: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", }, product_reference: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", }, product_reference: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.4)", product_id: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, product_reference: "httpd:2.4:8040020240720035525:522a0ee4", relates_to_product_reference: "AppStream-8.4.0.Z.TUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", }, product_reference: "httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", }, product_reference: "mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64 as a component of httpd:2.4:8040020240720035525:522a0ee4 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.4)", product_id: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", relates_to_product_reference: "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T14:05:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4830", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T14:05:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4830", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T14:05:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4830", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.AUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.ppc64le", "AppStream-8.4.0.Z.E4S:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-debugsource-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-devel-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-filesystem-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-manual-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.noarch", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:httpd-tools-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debuginfo-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_http2-debugsource-0:1.15.7-3.module+el8.4.0+21747+916a74df.3.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ldap-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_proxy_html-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_session-debuginfo-0:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", "AppStream-8.4.0.Z.TUS:httpd:2.4:8040020240720035525:522a0ee4:mod_ssl-debuginfo-1:2.4.37-39.module+el8.4.0+22127+467cc488.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
RHSA-2024:4820
Vulnerability from csaf_redhat
Published
2024-07-24 12:40
Modified
2025-01-09 06:22
Summary
Red Hat Security Advisory: httpd:2.4 security update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)
* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)
* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474)\n\n* httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475)\n\n* httpd: NULL pointer dereference in mod_proxy (CVE-2024-38477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:4820", url: "https://access.redhat.com/errata/RHSA-2024:4820", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4820.json", }, ], title: "Red Hat Security Advisory: httpd:2.4 security update", tracking: { current_release_date: "2025-01-09T06:22:44+00:00", generator: { date: "2025-01-09T06:22:44+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2024:4820", initial_release_date: "2024-07-24T12:40:36+00:00", revision_history: [ { date: "2024-07-24T12:40:36+00:00", number: "1", summary: "Initial version", }, { date: "2024-07-24T12:40:36+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T06:22:44+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product: { name: "Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_aus:8.2::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd:2.4:8020020240720043142:4cda2c84", product: { name: "httpd:2.4:8020020240720043142:4cda2c84", product_id: "httpd:2.4:8020020240720043142:4cda2c84", product_identification_helper: { purl: "pkg:rpmmod/redhat/httpd@2.4:8020020240720043142:4cda2c84", }, }, }, { category: "product_version", name: "httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", product: { name: "httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", product_id: "httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-filesystem@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=noarch", }, }, }, { category: "product_version", name: "httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", product: { name: "httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", product_id: "httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", product: { name: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", product_id: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=src", }, }, }, { category: "product_version", name: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", product: { name: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", product_id: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.11.3-3.module%2Bel8.2.0%2B22123%2Bcf5a147c.4?arch=src", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", product: { name: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", product_id: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-7.module%2Bel8.2.0%2B5531%2B7e4d69a2?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debugsource@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product: { name: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product_id: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2@1.11.3-3.module%2Bel8.2.0%2B22123%2Bcf5a147c.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product: { name: "mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product_id: "mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debuginfo@1.11.3-3.module%2Bel8.2.0%2B22123%2Bcf5a147c.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product: { name: "mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product_id: "mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_http2-debugsource@1.11.3-3.module%2Bel8.2.0%2B22123%2Bcf5a147c.4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product: { name: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product_id: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md@2.0.8-7.module%2Bel8.2.0%2B5531%2B7e4d69a2?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product: { name: "mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product_id: "mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-7.module%2Bel8.2.0%2B5531%2B7e4d69a2?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product: { name: "mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product_id: "mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_md-debugsource@2.0.8-7.module%2Bel8.2.0%2B5531%2B7e4d69a2?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product: { name: "mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_id: "mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-21.module%2Bel8.2.0%2B22128%2B68c62a5c.8?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, product_reference: "httpd:2.4:8020020240720043142:4cda2c84", relates_to_product_reference: "AppStream-8.2.0.Z.AUS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", }, product_reference: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", }, product_reference: "httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", }, product_reference: "httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", }, product_reference: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", }, product_reference: "mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", }, product_reference: "mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", }, product_reference: "mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", }, product_reference: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", }, product_reference: "mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", }, product_reference: "mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", }, product_reference: "mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64 as a component of httpd:2.4:8020020240720043142:4cda2c84 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", product_id: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", }, product_reference: "mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", relates_to_product_reference: "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38474", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:21:49+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295013", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Substitution encoding issue in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue only affects configurations with unsafe rules used in the RewriteRule directive. Also, to exploit this flaw, an attacker must be able to upload files to the server. For these reasons, this flaw was rated with an important and not critical severity.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38474", }, { category: "external", summary: "RHBZ#2295013", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38474", url: "https://www.cve.org/CVERecord?id=CVE-2024-38474", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38474", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38474", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T12:40:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4820", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Substitution encoding issue in mod_rewrite", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, discovery_date: "2024-07-01T19:22:02+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295014", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Improper escaping of output in mod_rewrite", title: "Vulnerability summary", }, { category: "other", text: "This issue affects configurations with substitution rules used in the RewriteRule directive using backreferences or variables as the first segment of the substitution.\n\nAdditionally, this flaw requires mod_rewrite to be loaded and used. This module can be disabled if its functionality is not needed.\n\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38475", }, { category: "external", summary: "RHBZ#2295014", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38475", url: "https://www.cve.org/CVERecord?id=CVE-2024-38475", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38475", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38475", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T12:40:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4820", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: Improper escaping of output in mod_rewrite", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-07-01T19:22:29+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295016", }, ], notes: [ { category: "description", text: "A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "httpd: NULL pointer dereference in mod_proxy", title: "Vulnerability summary", }, { category: "other", text: "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\n\nThis flaw only affects configurations with mod_proxy loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38477", }, { category: "external", summary: "RHBZ#2295016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38477", url: "https://www.cve.org/CVERecord?id=CVE-2024-38477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { category: "external", summary: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", url: "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-38477", }, ], release_date: "2024-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-07-24T12:40:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:4820", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-debugsource-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-devel-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-filesystem-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-manual-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.noarch", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:httpd-tools-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debuginfo-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_http2-debugsource-0:1.11.3-3.module+el8.2.0+22123+cf5a147c.4.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ldap-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.src", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debuginfo-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_md-debugsource-1:2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_proxy_html-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_session-debuginfo-0:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", "AppStream-8.2.0.Z.AUS:httpd:2.4:8020020240720043142:4cda2c84:mod_ssl-debuginfo-1:2.4.37-21.module+el8.2.0+22128+68c62a5c.8.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "httpd: NULL pointer dereference in mod_proxy", }, ], }
WID-SEC-W-2024-1504
Vulnerability from csaf_certbund
Published
2024-07-01 22:00
Modified
2025-01-19 23:00
Summary
Apache HTTP Server: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apache ist ein Webserver für verschiedene Plattformen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apache HTTP Server ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen oder vertrauliche Informationen offenzulegen.
Betroffene Betriebssysteme
- Linux
- MacOS X
- Windows
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Apache ist ein Webserver für verschiedene Plattformen.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apache HTTP Server ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen oder vertrauliche Informationen offenzulegen.", title: "Angriff", }, { category: "general", text: "- Linux\n- MacOS X\n- Windows", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-1504 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1504.json", }, { category: "self", summary: "WID-SEC-2024-1504 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1504", }, { category: "external", summary: "Apache Advisory vom 2024-07-01", url: "https://httpd.apache.org/security/vulnerabilities_24.html", }, { category: "external", summary: "Red Hat Bugzilla vom 2024-07-01", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295006", }, { category: "external", summary: "Red Hat Bugzilla vom 2024-07-01", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "Red Hat Bugzilla vom 2024-07-01", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "Red Hat Bugzilla vom 2024-07-01", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "Red Hat Bugzilla vom 2024-07-01", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "Red Hat Bugzilla vom 2024-07-01", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295018", }, { category: "external", summary: "Red Hat Bugzilla vom 2024-07-01", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "external", summary: "Apache HTTP Server", url: "https://seclists.org/oss-sec/2024/q3/8", }, { category: "external", summary: "Rocky Linux Security Advisory RLSA-2024:4197 vom 2024-07-02", url: "https://errata.build.resf.org/RLSA-2024:4197", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-39F1A828ED vom 2024-07-03", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-39f1a828ed", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-E7E73BEFAD vom 2024-07-03", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-e7e73befad", }, { category: "external", summary: "Ubuntu Security Notice USN-6885-1 vom 2024-07-08", url: "https://ubuntu.com/security/notices/USN-6885-1", }, { category: "external", summary: "IBM Security Bulletin 7159849 vom 2024-07-09", url: "https://www.ibm.com/support/pages/node/7159849", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-661BB6322D vom 2024-07-11", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-661bb6322d", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-CB8ACBF644 vom 2024-07-11", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-cb8acbf644", }, { category: "external", summary: "IBM Security Bulletin 7160019 vom 2024-07-11", url: "https://www.ibm.com/support/pages/node/7160019", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2405-1 vom 2024-07-11", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018934.html", }, { category: "external", summary: "Debian Security Advisory DSA-5729 vom 2024-07-12", url: "https://lists.debian.org/debian-security-announce/2024/msg00140.html", }, { category: "external", summary: "Ubuntu Security Notice USN-6885-2 vom 2024-07-11", url: "https://ubuntu.com/security/notices/USN-6885-2", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2560-1 vom 2024-07-18", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019002.html", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2024-2594 vom 2024-07-23", url: "https://alas.aws.amazon.com/AL2/ALAS-2024-2594.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2591-1 vom 2024-07-22", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019006.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2597-1 vom 2024-07-23", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019023.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-4726 vom 2024-07-24", url: "https://linux.oracle.com/errata/ELSA-2024-4726.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4719 vom 2024-07-23", url: "https://access.redhat.com/errata/RHSA-2024:4719", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4720 vom 2024-07-23", url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4726 vom 2024-07-23", url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-4720 vom 2024-07-24", url: "https://linux.oracle.com/errata/ELSA-2024-4720.html", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2024-1944 vom 2024-07-24", url: "https://alas.aws.amazon.com/ALAS-2024-1944.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4827 vom 2024-07-24", url: "https://access.redhat.com/errata/RHSA-2024:4827", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4830 vom 2024-07-24", url: "https://access.redhat.com/errata/RHSA-2024:4830", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4820 vom 2024-07-24", url: "https://access.redhat.com/errata/RHSA-2024:4820", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4862 vom 2024-07-25", url: "https://access.redhat.com/errata/RHSA-2024:4862", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4863 vom 2024-07-25", url: "https://access.redhat.com/errata/RHSA-2024:4863", }, { category: "external", summary: "Rocky Linux Security Advisory RLSA-2024:4726 vom 2024-07-26", url: "https://errata.build.resf.org/RLSA-2024:4726", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2624-1 vom 2024-07-30", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019050.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4938 vom 2024-07-31", url: "https://access.redhat.com/errata/RHSA-2024:4938", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4943 vom 2024-07-31", url: "https://access.redhat.com/errata/RHSA-2024:4943", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-E83AF0855E vom 2024-08-01", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-e83af0855e", }, { category: "external", summary: "F5 Security Advisory K000140505 vom 2024-08-03", url: "https://my.f5.com/manage/s/article/K000140505", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5001 vom 2024-08-05", url: "https://access.redhat.com/errata/RHSA-2024:5001", }, { category: "external", summary: "F5 Security Advisory K000140620 vom 2024-08-08", url: "https://my.f5.com/manage/s/article/K000140620", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5138 vom 2024-08-08", url: "https://access.redhat.com/errata/RHSA-2024:5138", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-5138 vom 2024-08-09", url: "https://linux.oracle.com/errata/ELSA-2024-5138.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5193 vom 2024-08-12", url: "https://access.redhat.com/errata/RHSA-2024:5193", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5239 vom 2024-08-13", url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5240 vom 2024-08-13", url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "external", summary: "F5 Security Advisory K000140693 vom 2024-08-13", url: "https://my.f5.com/manage/s/article/K000140693", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-5193 vom 2024-08-14", url: "https://linux.oracle.com/errata/ELSA-2024-5193.html", }, { category: "external", summary: "IBM Security Bulletin 7165827 vom 2024-08-19", url: "https://www.ibm.com/support/pages/node/7165827", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2436-1 vom 2024-08-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019226.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2997-1 vom 2024-08-21", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019299.html", }, { category: "external", summary: "Rocky Linux Security Advisory RLSA-2024:5138 vom 2024-08-21", url: "https://errata.build.resf.org/RLSA-2024:5138", }, { category: "external", summary: "Rocky Linux Security Advisory RLSA-2024:5193 vom 2024-08-21", url: "https://errata.build.resf.org/RLSA-2024:5193", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2999-1 vom 2024-08-22", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019301.html", }, { category: "external", summary: "F5 Security Advisory K000140784 vom 2024-08-23", url: "https://my.f5.com/manage/s/article/K000140784", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5812 vom 2024-08-26", url: "https://access.redhat.com/errata/RHSA-2024:5812", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5832 vom 2024-08-26", url: "https://access.redhat.com/errata/RHSA-2024:5832", }, { category: "external", summary: "DELL Security Update for Dell PowerScale OneFS", url: "https://www.dell.com/support/kbdoc/en-us/000228207/dsa-2024-346-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6136 vom 2024-09-03", url: "https://access.redhat.com/errata/RHSA-2024:6136", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6004 vom 2024-09-04", url: "https://access.redhat.com/errata/RHSA-2024:6004", }, { category: "external", summary: "IBM Security Bulletin 7166853 vom 2024-09-05", url: "https://www.ibm.com/support/pages/node/7166853", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6013 vom 2024-09-05", url: "https://access.redhat.com/errata/RHSA-2024:6013", }, { category: "external", summary: "IBM Security Bulletin 7167662 vom 2024-09-05", url: "https://www.ibm.com/support/pages/node/7167662", }, { category: "external", summary: "XEROX Security Advisory XRX24-013 vom 2024-09-05", url: "https://securitydocs.business.xerox.com/wp-content/uploads/2024/09/Xerox-Security-Bulletin-XRX24-013-for-Xerox-FreeFlow-Print-Server-v2-_Windows10.pdf", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6468 vom 2024-09-09", url: "https://access.redhat.com/errata/RHSA-2024:6468", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6467 vom 2024-09-09", url: "https://access.redhat.com/errata/RHSA-2024:6467", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:3173-1 vom 2024-09-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019389.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:3172-1 vom 2024-09-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019390.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6584 vom 2024-09-11", url: "https://access.redhat.com/errata/RHSA-2024:6584", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6583 vom 2024-09-11", url: "https://access.redhat.com/errata/RHSA-2024:6583", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-4943 vom 2024-09-14", url: "https://linux.oracle.com/errata/ELSA-2024-4943.html", }, { category: "external", summary: "Ubuntu Security Notice USN-6885-3 vom 2024-09-18", url: "https://ubuntu.com/security/notices/USN-6885-3", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6928 vom 2024-09-24", url: "https://access.redhat.com/errata/RHSA-2024:6928", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6927 vom 2024-09-24", url: "https://access.redhat.com/errata/RHSA-2024:6927", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:7101 vom 2024-09-25", url: "https://access.redhat.com/errata/RHSA-2024:7101", }, { category: "external", summary: "Gentoo Linux Security Advisory GLSA-202409-31 vom 2024-09-28", url: "https://security.gentoo.org/glsa/202409-31", }, { category: "external", summary: "Dell Security Advisory DSA-2024-423 vom 2024-10-11", url: "https://www.dell.com/support/kbdoc/de-de/000235068/dsa-2024-423-security-update-for-dell-networker-and-networker-management-console-nmc-multiple-component-vulnerabilities", }, { category: "external", summary: "IBM Security Bulletin 7173018 vom 2024-10-14", url: "https://www.ibm.com/support/pages/node/7173018", }, { category: "external", summary: "Debian Security Advisory DLA-3921 vom 2024-10-17", url: "https://lists.debian.org/debian-lts-announce/2024/10/msg00013.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-7101 vom 2024-10-17", url: "https://linux.oracle.com/errata/ELSA-2024-7101.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8680 vom 2024-10-31", url: "https://access.redhat.com/errata/RHSA-2024:8680", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-8680 vom 2024-10-31", url: "http://linux.oracle.com/errata/ELSA-2024-8680.html", }, { category: "external", summary: "HCL Security Advisory", url: "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0115052", }, { category: "external", summary: "Rocky Linux Security Advisory RLSA-2024:8680 vom 2024-11-08", url: "https://errata.build.resf.org/RLSA-2024:8680", }, { category: "external", summary: "XEROX Security Advisory XRX24-016 vom 2024-11-18", url: "https://security.business.xerox.com/wp-content/uploads/2024/11/Xerox%C2%AE-Security-Bulletin-XRX24-016-for-Xerox%C2%AEFreeFlow%C2%AE-Print-Server-v9.pdf", }, { category: "external", summary: "XEROX Security Advisory XRX24-017 vom 2024-11-21", url: "https://securitydocs.business.xerox.com/wp-content/uploads/2024/11/Xerox-Security-Bulletin-XRX24-017-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf", }, { category: "external", summary: "Dell Security Advisory DSA-2024-453 vom 2024-12-05", url: "https://www.dell.com/support/kbdoc/de-de/000256645/dsa-2024-453-security-update-for-dell-powerscale-onefs-multiple-security-vulnerabilities", }, { category: "external", summary: "SonicWall Security Advisory SNWLID-2024-0018 vom 2024-12-06", url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018", }, { category: "external", summary: "Dell Security Advisory DSA-2024-483 vom 2024-12-18", url: "https://www.dell.com/support/kbdoc/de-de/000256642/dsa-2024-483-security-update-for-dell-ecs-multiple-vulnerabilities", }, { category: "external", summary: "XEROX Security Advisory XRX24-019 vom 2024-12-17", url: "https://security.business.xerox.com/wp-content/uploads/2024/12/Xerox-Security-Bulletin-XRX24-019-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf", }, { category: "external", summary: "XEROX Security Advisory XRX25-001 vom 2025-01-13", url: "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-001-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf", }, { category: "external", summary: "HPE Security Bulletin vom 2025-01-17", url: "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbux04773en_us&docLocale=en_US", }, ], source_lang: "en-US", title: "Apache HTTP Server: Mehrere Schwachstellen", tracking: { current_release_date: "2025-01-19T23:00:00.000+00:00", generator: { date: "2025-01-20T09:21:02.020+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-1504", initial_release_date: "2024-07-01T22:00:00.000+00:00", revision_history: [ { date: "2024-07-01T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-07-02T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Rocky Enterprise Software Foundation aufgenommen", }, { date: "2024-07-03T22:00:00.000+00:00", number: "3", summary: "Neue Updates von Fedora aufgenommen", }, { date: "2024-07-08T22:00:00.000+00:00", number: "4", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2024-07-09T22:00:00.000+00:00", number: "5", summary: "Neue Updates von IBM und IBM-APAR aufgenommen", }, { date: "2024-07-11T22:00:00.000+00:00", number: "6", summary: "Neue Updates von Fedora, IBM, SUSE, Debian und Ubuntu aufgenommen", }, { date: "2024-07-18T22:00:00.000+00:00", number: "7", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-07-22T22:00:00.000+00:00", number: "8", summary: "Neue Updates von Amazon und SUSE aufgenommen", }, { date: "2024-07-23T22:00:00.000+00:00", number: "9", summary: "Neue Updates von Oracle Linux und Red Hat aufgenommen", }, { date: "2024-07-24T22:00:00.000+00:00", number: "10", summary: "Neue Updates von Amazon und Red Hat aufgenommen", }, { date: "2024-07-25T22:00:00.000+00:00", number: "11", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-07-28T22:00:00.000+00:00", number: "12", summary: "Neue Updates von Rocky Enterprise Software Foundation aufgenommen", }, { date: "2024-07-29T22:00:00.000+00:00", number: "13", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-07-31T22:00:00.000+00:00", number: "14", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-08-01T22:00:00.000+00:00", number: "15", summary: "Neue Updates von Fedora aufgenommen", }, { date: "2024-08-04T22:00:00.000+00:00", number: "16", summary: "Neue Updates von F5 aufgenommen", }, { date: "2024-08-07T22:00:00.000+00:00", number: "17", summary: "Neue Updates von F5 aufgenommen", }, { date: "2024-08-08T22:00:00.000+00:00", number: "18", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-08-11T22:00:00.000+00:00", number: "19", summary: "Neue Updates von Oracle Linux und Red Hat aufgenommen", }, { date: "2024-08-13T22:00:00.000+00:00", number: "20", summary: "Neue Updates von Red Hat und F5 aufgenommen", }, { date: "2024-08-14T22:00:00.000+00:00", number: "21", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2024-08-18T22:00:00.000+00:00", number: "22", summary: "Neue Updates von IBM aufgenommen", }, { date: "2024-08-19T22:00:00.000+00:00", number: "23", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-08-21T22:00:00.000+00:00", number: "24", summary: "Neue Updates von SUSE und Rocky Enterprise Software Foundation aufgenommen", }, { date: "2024-08-22T22:00:00.000+00:00", number: "25", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-08-25T22:00:00.000+00:00", number: "26", summary: "Neue Updates von F5 aufgenommen", }, { date: "2024-09-01T22:00:00.000+00:00", number: "27", summary: "Neue Updates von Dell aufgenommen", }, { date: "2024-09-02T22:00:00.000+00:00", number: "28", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-03T22:00:00.000+00:00", number: "29", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-05T22:00:00.000+00:00", number: "30", summary: "Neue Updates von IBM, Red Hat und XEROX aufgenommen", }, { date: "2024-09-08T22:00:00.000+00:00", number: "31", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-09T22:00:00.000+00:00", number: "32", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-09-11T22:00:00.000+00:00", number: "33", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-15T22:00:00.000+00:00", number: "34", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2024-09-18T22:00:00.000+00:00", number: "35", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2024-09-24T22:00:00.000+00:00", number: "36", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-25T22:00:00.000+00:00", number: "37", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-29T22:00:00.000+00:00", number: "38", summary: "Neue Updates von Gentoo aufgenommen", }, { date: "2024-10-10T22:00:00.000+00:00", number: "39", summary: "Neue Updates von Dell aufgenommen", }, { date: "2024-10-13T22:00:00.000+00:00", number: "40", summary: "Neue Updates von IBM aufgenommen", }, { date: "2024-10-17T22:00:00.000+00:00", number: "41", summary: "Neue Updates von Debian und Oracle Linux aufgenommen", }, { date: "2024-10-30T23:00:00.000+00:00", number: "42", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-10-31T23:00:00.000+00:00", number: "43", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2024-11-03T23:00:00.000+00:00", number: "44", summary: "Neue Updates von HCL aufgenommen", }, { date: "2024-11-10T23:00:00.000+00:00", number: "45", summary: "Neue Updates von Rocky Enterprise Software Foundation aufgenommen", }, { date: "2024-11-18T23:00:00.000+00:00", number: "46", summary: "Neue Updates von XEROX aufgenommen", }, { date: "2024-11-21T23:00:00.000+00:00", number: "47", summary: "Neue Updates von XEROX aufgenommen", }, { date: "2024-12-04T23:00:00.000+00:00", number: "48", summary: "Neue Updates von Dell aufgenommen", }, { date: "2024-12-05T23:00:00.000+00:00", number: "49", summary: "Neue Updates von SonicWall aufgenommen", }, { date: "2024-12-15T23:00:00.000+00:00", number: "50", summary: "Referenz(en) aufgenommen: 7178940, 7178937, 7178941, 7178939, 7178938", }, { date: "2024-12-17T23:00:00.000+00:00", number: "51", summary: "Neue Updates von Dell und XEROX aufgenommen", }, { date: "2025-01-12T23:00:00.000+00:00", number: "52", summary: "Neue Updates von XEROX aufgenommen", }, { date: "2025-01-19T23:00:00.000+00:00", number: "53", summary: "Neue Updates von HP aufgenommen", }, ], status: "final", version: "53", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Amazon Linux 2", product: { name: "Amazon Linux 2", product_id: "398363", product_identification_helper: { cpe: "cpe:/o:amazon:linux_2:-", }, }, }, ], category: "vendor", name: "Amazon", }, { branches: [ { branches: [ { category: "product_version_range", name: "<2.4.60", product: { name: "Apache HTTP Server <2.4.60", product_id: "T035727", }, }, { category: "product_version", name: "2.4.60", product: { name: "Apache HTTP Server 2.4.60", product_id: "T035727-fixed", product_identification_helper: { cpe: "cpe:/a:apache:http_server:2.4.60", }, }, }, ], category: "product_name", name: "HTTP Server", }, ], category: "vendor", name: "Apache", }, { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { branches: [ { category: "product_version_range", name: "<3.8.1.3", product: { name: "Dell ECS <3.8.1.3", product_id: "T039899", }, }, { category: "product_version", name: "3.8.1.3", product: { name: "Dell ECS 3.8.1.3", product_id: "T039899-fixed", product_identification_helper: { cpe: "cpe:/h:dell:ecs:3.8.1.3", }, }, }, ], category: "product_name", name: "ECS", }, { branches: [ { category: "product_version_range", name: "<19.10.0.5", product: { name: "Dell NetWorker <19.10.0.5", product_id: "T038270", }, }, { category: "product_version", name: "19.10.0.5", product: { name: "Dell NetWorker 19.10.0.5", product_id: "T038270-fixed", product_identification_helper: { cpe: "cpe:/a:dell:networker:19.10.0.5", }, }, }, ], category: "product_name", name: "NetWorker", }, { branches: [ { category: "product_name", name: "Dell PowerScale", product: { name: "Dell PowerScale", product_id: "T034610", product_identification_helper: { cpe: "cpe:/a:dell:powerscale_onefs:onefs", }, }, }, { category: "product_version_range", name: "OneFS <9.8.0.1", product: { name: "Dell PowerScale OneFS <9.8.0.1", product_id: "T035762", }, }, { category: "product_version", name: "OneFS 9.8.0.1", product: { name: "Dell PowerScale OneFS 9.8.0.1", product_id: "T035762-fixed", product_identification_helper: { cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.8.0.1", }, }, }, { category: "product_version_range", name: "OneFS <9.4.0.20", product: { name: "Dell PowerScale OneFS <9.4.0.20", product_id: "T038705", }, }, { category: "product_version", name: "OneFS 9.4.0.20", product: { name: "Dell PowerScale OneFS 9.4.0.20", product_id: "T038705-fixed", product_identification_helper: { cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.4.0.20", }, }, }, { category: "product_version_range", name: "OneFS <9.5.1.1", product: { name: "Dell PowerScale OneFS <9.5.1.1", product_id: "T038706", }, }, { category: "product_version", name: "OneFS 9.5.1.1", product: { name: "Dell PowerScale OneFS 9.5.1.1", product_id: "T038706-fixed", product_identification_helper: { cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.5.1.1", }, }, }, { category: "product_version_range", name: "OneFS <9.7.1.3", product: { name: "Dell PowerScale OneFS <9.7.1.3", product_id: "T039585", }, }, { category: "product_version", name: "OneFS 9.7.1.3", product: { name: "Dell PowerScale OneFS 9.7.1.3", product_id: "T039585-fixed", product_identification_helper: { cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.7.1.3", }, }, }, { category: "product_version_range", name: "OneFS <9.9.0.1", product: { name: "Dell PowerScale OneFS <9.9.0.1", product_id: "T039586", }, }, { category: "product_version", name: "OneFS 9.9.0.1", product: { name: "Dell PowerScale OneFS 9.9.0.1", product_id: "T039586-fixed", product_identification_helper: { cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.9.0.1", }, }, }, ], category: "product_name", name: "PowerScale", }, ], category: "vendor", name: "Dell", }, { branches: [ { branches: [ { category: "product_name", name: "F5 BIG-IP", product: { name: "F5 BIG-IP", product_id: "T001663", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:-", }, }, }, { category: "product_version", name: "17.1.0-17.1.1", product: { name: "F5 BIG-IP 17.1.0-17.1.1", product_id: "T034899", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:17.1.0_-_17.1.1", }, }, }, { category: "product_version", name: "15.1.0-15.1.10", product: { name: "F5 BIG-IP 15.1.0-15.1.10", product_id: "T034902", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:15.1.0_-_15.1.10", }, }, }, { category: "product_version", name: "16.1.0-16.1.5", product: { name: "F5 BIG-IP 16.1.0-16.1.5", product_id: "T037028", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:16.1.0_-_16.1.5", }, }, }, ], category: "product_name", name: "BIG-IP", }, ], category: "vendor", name: "F5", }, { branches: [ { category: "product_name", name: "Fedora Linux", product: { name: "Fedora Linux", product_id: "74185", product_identification_helper: { cpe: "cpe:/o:fedoraproject:fedora:-", }, }, }, ], category: "vendor", name: "Fedora", }, { branches: [ { category: "product_name", name: "Gentoo Linux", product: { name: "Gentoo Linux", product_id: "T012167", product_identification_helper: { cpe: "cpe:/o:gentoo:linux:-", }, }, }, ], category: "vendor", name: "Gentoo", }, { branches: [ { branches: [ { category: "product_version", name: "8.x", product: { name: "HCL Commerce 8.x", product_id: "T038745", product_identification_helper: { cpe: "cpe:/a:hcltechsw:commerce:8.x", }, }, }, { category: "product_version", name: "9.0-9.0.1.21", product: { name: "HCL Commerce 9.0-9.0.1.21", product_id: "T038746", product_identification_helper: { cpe: "cpe:/a:hcltechsw:commerce:9.0_-_9.0.1.21", }, }, }, { category: "product_version", name: "9.1.0-9.1.15", product: { name: "HCL Commerce 9.1.0-9.1.15", product_id: "T038747", product_identification_helper: { cpe: "cpe:/a:hcltechsw:commerce:9.1.0_-_9.1.15", }, }, }, ], category: "product_name", name: "Commerce", }, ], category: "vendor", name: "HCL", }, { branches: [ { branches: [ { category: "product_version_range", name: "<11.31", product: { name: "HPE HP-UX <11.31", product_id: "T040402", }, }, { category: "product_version", name: "11.31", product: { name: "HPE HP-UX 11.31", product_id: "T040402-fixed", product_identification_helper: { cpe: "cpe:/o:hp:hp-ux:11.31", }, }, }, ], category: "product_name", name: "HP-UX", }, ], category: "vendor", name: "HPE", }, { branches: [ { branches: [ { category: "product_name", name: "IBM Business Automation Workflow", product: { name: "IBM Business Automation Workflow", product_id: "T019704", product_identification_helper: { cpe: "cpe:/a:ibm:business_automation_workflow:-", }, }, }, { category: "product_version", name: "24.0.0", product: { name: "IBM Business Automation Workflow 24.0.0", product_id: "T036570", product_identification_helper: { cpe: "cpe:/a:ibm:business_automation_workflow:24.0.0", }, }, }, ], category: "product_name", name: "Business Automation Workflow", }, { branches: [ { category: "product_version", name: "8.5", product: { name: "IBM HTTP Server 8.5", product_id: "T003676", product_identification_helper: { cpe: "cpe:/a:ibm:http_server:8.5", }, }, }, { category: "product_version", name: "9", product: { name: "IBM HTTP Server 9.0", product_id: "T008162", product_identification_helper: { cpe: "cpe:/a:ibm:http_server:9.0", }, }, }, ], category: "product_name", name: "HTTP Server", }, { branches: [ { category: "product_version_range", name: "<8.0.0.27", product: { name: "IBM Rational Build Forge <8.0.0.27", product_id: "T038286", }, }, { category: "product_version", name: "8.0.0.27", product: { name: "IBM Rational Build Forge 8.0.0.27", product_id: "T038286-fixed", product_identification_helper: { cpe: "cpe:/a:ibm:rational_build_forge:8.0.0.27", }, }, }, ], category: "product_name", name: "Rational Build Forge", }, { branches: [ { category: "product_version", name: "9.1-9.1.0.6", product: { name: "IBM Rational ClearQuest 9.1-9.1.0.6", product_id: "T034074", product_identification_helper: { cpe: "cpe:/a:ibm:rational_clearquest:9.1_-_9.1.0.6", }, }, }, { category: "product_version", name: "10.0-10.0.5", product: { name: "IBM Rational ClearQuest 10.0-10.0.5", product_id: "T034075", product_identification_helper: { cpe: "cpe:/a:ibm:rational_clearquest:10.0_-_10.0.5", }, }, }, ], category: "product_name", name: "Rational ClearQuest", }, { branches: [ { category: "product_version", name: "6.3.0.7", product: { name: "IBM Tivoli Monitoring 6.3.0.7", product_id: "342008", product_identification_helper: { cpe: "cpe:/a:ibm:tivoli_monitoring:6.3.0.7", }, }, }, ], category: "product_name", name: "Tivoli Monitoring", }, ], category: "vendor", name: "IBM", }, { branches: [ { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { category: "product_name", name: "RESF Rocky Linux", product: { name: "RESF Rocky Linux", product_id: "T032255", product_identification_helper: { cpe: "cpe:/o:resf:rocky_linux:-", }, }, }, ], category: "vendor", name: "RESF", }, { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { branches: [ { category: "product_version_range", name: "<10.2.1.14-75sv", product: { name: "SonicWall SMA <10.2.1.14-75sv", product_id: "T039602", }, }, { category: "product_version", name: "10.2.1.14-75sv", product: { name: "SonicWall SMA 10.2.1.14-75sv", product_id: "T039602-fixed", product_identification_helper: { cpe: "cpe:/a:sonicwall:secure_mobile_access:10.2.1.14-75sv", }, }, }, ], category: "product_name", name: "SMA", }, ], category: "vendor", name: "SonicWall", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, { branches: [ { branches: [ { category: "product_name", name: "Xerox FreeFlow Print Server", product: { name: "Xerox FreeFlow Print Server", product_id: "T010509", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:-", }, }, }, { category: "product_version", name: "v9", product: { name: "Xerox FreeFlow Print Server v9", product_id: "T015632", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:v9", }, }, }, { category: "product_version", name: "v9 for Solaris", product: { name: "Xerox FreeFlow Print Server v9 for Solaris", product_id: "T028053", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:v9_for_solaris", }, }, }, { category: "product_version_range", name: "<9.0 SP-3 (93.M3.14.86)", product: { name: "Xerox FreeFlow Print Server <9.0 SP-3 (93.M3.14.86)", product_id: "T039896", }, }, { category: "product_version", name: "9.0 SP-3 (93.M3.14.86)", product: { name: "Xerox FreeFlow Print Server 9.0 SP-3 (93.M3.14.86)", product_id: "T039896-fixed", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:9.0_sp-3_%2893.m3.14.86%29", }, }, }, ], category: "product_name", name: "FreeFlow Print Server", }, ], category: "vendor", name: "Xerox", }, ], }, vulnerabilities: [ { cve: "CVE-2023-38709", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T038706", "T038747", "67646", "T034902", "T038746", "T038705", "T038745", "T039899", "T004914", "T039896", "T038286", "T001663", "398363", "342008", "T010509", "T034899", "T028053", "T034610", "T035727", "T003676", "T015632", "T034075", "T037028", "T012167", "T034074", "T039602", "T039586", "T032255", "T039585", "74185", "T035762", "T036570", "2951", "T002207", "T000126", "T019704", "T038270", "T040402", "T008162", ], }, release_date: "2024-07-01T22:00:00.000+00:00", title: "CVE-2023-38709", }, { cve: "CVE-2024-36387", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T038706", "T038747", "67646", "T034902", "T038746", "T038705", "T038745", "T039899", "T004914", "T039896", "T038286", "T001663", "398363", "342008", "T010509", "T034899", "T028053", "T034610", "T035727", "T003676", "T015632", "T034075", "T037028", "T012167", "T034074", "T039602", "T039586", "T032255", "T039585", "74185", "T035762", "T036570", "2951", "T002207", "T000126", "T019704", "T038270", "T040402", "T008162", ], }, release_date: "2024-07-01T22:00:00.000+00:00", title: "CVE-2024-36387", }, { cve: "CVE-2024-38472", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T038706", "T038747", "67646", "T034902", "T038746", "T038705", "T038745", "T039899", "T004914", "T039896", "T038286", "T001663", "398363", "342008", "T010509", "T034899", "T028053", "T034610", "T035727", "T003676", "T015632", "T034075", "T037028", "T012167", "T034074", "T039602", "T039586", "T032255", "T039585", "74185", "T035762", "T036570", "2951", "T002207", "T000126", "T019704", "T038270", "T040402", "T008162", ], }, release_date: "2024-07-01T22:00:00.000+00:00", title: "CVE-2024-38472", }, { cve: "CVE-2024-38473", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T038706", "T038747", "67646", "T034902", "T038746", "T038705", "T038745", "T039899", "T004914", "T039896", "T038286", "T001663", "398363", "342008", "T010509", "T034899", "T028053", "T034610", "T035727", "T003676", "T015632", "T034075", "T037028", "T012167", "T034074", "T039602", "T039586", "T032255", "T039585", "74185", "T035762", "T036570", "2951", "T002207", "T000126", "T019704", "T038270", "T040402", "T008162", ], }, release_date: "2024-07-01T22:00:00.000+00:00", title: "CVE-2024-38473", }, { cve: "CVE-2024-38474", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T038706", "T038747", "67646", "T034902", "T038746", "T038705", "T038745", "T039899", "T004914", "T039896", "T038286", "T001663", "398363", "342008", "T010509", "T034899", "T028053", "T034610", "T035727", "T003676", "T015632", "T034075", "T037028", "T012167", "T034074", "T039602", "T039586", "T032255", "T039585", "74185", "T035762", "T036570", "2951", "T002207", "T000126", "T019704", "T038270", "T040402", "T008162", ], }, release_date: "2024-07-01T22:00:00.000+00:00", title: "CVE-2024-38474", }, { cve: "CVE-2024-38475", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T038706", "T038747", "67646", "T034902", "T038746", "T038705", "T038745", "T039899", "T004914", "T039896", "T038286", "T001663", "398363", "342008", "T010509", "T034899", "T028053", "T034610", "T035727", "T003676", "T015632", "T034075", "T037028", "T012167", "T034074", "T039602", "T039586", "T032255", "T039585", "74185", "T035762", "T036570", "2951", "T002207", "T000126", "T019704", "T038270", "T040402", "T008162", ], }, release_date: "2024-07-01T22:00:00.000+00:00", title: "CVE-2024-38475", }, { cve: "CVE-2024-38476", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T038706", "T038747", "67646", "T034902", "T038746", "T038705", "T038745", "T039899", "T004914", "T039896", "T038286", "T001663", "398363", "342008", "T010509", "T034899", "T028053", "T034610", "T035727", "T003676", "T015632", "T034075", "T037028", "T012167", "T034074", "T039602", "T039586", "T032255", "T039585", "74185", "T035762", "T036570", "2951", "T002207", "T000126", "T019704", "T038270", "T040402", "T008162", ], }, release_date: "2024-07-01T22:00:00.000+00:00", title: "CVE-2024-38476", }, { cve: "CVE-2024-38477", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T038706", "T038747", "67646", "T034902", "T038746", "T038705", "T038745", "T039899", "T004914", "T039896", "T038286", "T001663", "398363", "342008", "T010509", "T034899", "T028053", "T034610", "T035727", "T003676", "T015632", "T034075", "T037028", "T012167", "T034074", "T039602", "T039586", "T032255", "T039585", "74185", "T035762", "T036570", "2951", "T002207", "T000126", "T019704", "T038270", "T040402", "T008162", ], }, release_date: "2024-07-01T22:00:00.000+00:00", title: "CVE-2024-38477", }, { cve: "CVE-2024-39573", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T038706", "T038747", "67646", "T034902", "T038746", "T038705", "T038745", "T039899", "T004914", "T039896", "T038286", "T001663", "398363", "342008", "T010509", "T034899", "T028053", "T034610", "T035727", "T003676", "T015632", "T034075", "T037028", "T012167", "T034074", "T039602", "T039586", "T032255", "T039585", "74185", "T035762", "T036570", "2951", "T002207", "T000126", "T019704", "T038270", "T040402", "T008162", ], }, release_date: "2024-07-01T22:00:00.000+00:00", title: "CVE-2024-39573", }, ], }
WID-SEC-W-2024-3291
Vulnerability from csaf_certbund
Published
2024-10-28 23:00
Modified
2024-12-19 23:00
Summary
Apple macOS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- MacOS X
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um einen Denial of Service Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- MacOS X", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-3291 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3291.json", }, { category: "self", summary: "WID-SEC-2024-3291 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3291", }, { category: "external", summary: "Apple Security Advisory vom 2024-10-28", url: "https://lists.apple.com/archives/security-announce/2024/Oct/msg00003.html", }, { category: "external", summary: "Apple Security Advisory vom 2024-10-28", url: "https://lists.apple.com/archives/security-announce/2024/Oct/msg00004.html", }, { category: "external", summary: "Apple Security Advisory vom 2024-10-28", url: "https://lists.apple.com/archives/security-announce/2024/Oct/msg00005.html", }, ], source_lang: "en-US", title: "Apple macOS: Mehrere Schwachstellen", tracking: { current_release_date: "2024-12-19T23:00:00.000+00:00", generator: { date: "2024-12-20T09:13:17.440+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-3291", initial_release_date: "2024-10-28T23:00:00.000+00:00", revision_history: [ { date: "2024-10-28T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-11-19T23:00:00.000+00:00", number: "2", summary: "CVE Nummern ergänzt", }, { date: "2024-12-11T23:00:00.000+00:00", number: "3", summary: "CVE Nummern ergänzt", }, { date: "2024-12-19T23:00:00.000+00:00", number: "4", summary: "CVE-2024-54538 ergänzt", }, ], status: "final", version: "4", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "Sequoia <15.1", product: { name: "Apple macOS Sequoia <15.1", product_id: "T038638", }, }, { category: "product_version", name: "Sequoia 15.1", product: { name: "Apple macOS Sequoia 15.1", product_id: "T038638-fixed", product_identification_helper: { cpe: "cpe:/o:apple:mac_os:sequoia__15.1", }, }, }, { category: "product_version_range", name: "Sonoma <14.7.1", product: { name: "Apple macOS Sonoma <14.7.1", product_id: "T038639", }, }, { category: "product_version", name: "Sonoma 14.7.1", product: { name: "Apple macOS Sonoma 14.7.1", product_id: "T038639-fixed", product_identification_helper: { cpe: "cpe:/o:apple:mac_os:sonoma__14.7.1", }, }, }, { category: "product_version_range", name: "Ventura <13.7.1", product: { name: "Apple macOS Ventura <13.7.1", product_id: "T038640", }, }, { category: "product_version", name: "Ventura 13.7.1", product: { name: "Apple macOS Ventura 13.7.1", product_id: "T038640-fixed", product_identification_helper: { cpe: "cpe:/o:apple:mac_os:ventura__13.7.1", }, }, }, ], category: "product_name", name: "macOS", }, ], category: "vendor", name: "Apple", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38476", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-38476", }, { cve: "CVE-2024-38477", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-38477", }, { cve: "CVE-2024-39573", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-39573", }, { cve: "CVE-2024-40849", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-40849", }, { cve: "CVE-2024-40855", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-40855", }, { cve: "CVE-2024-40858", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-40858", }, { cve: "CVE-2024-44122", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44122", }, { cve: "CVE-2024-44126", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44126", }, { cve: "CVE-2024-44137", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44137", }, { cve: "CVE-2024-44144", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44144", }, { cve: "CVE-2024-44156", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44156", }, { cve: "CVE-2024-44159", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44159", }, { cve: "CVE-2024-44175", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44175", }, { cve: "CVE-2024-44194", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44194", }, { cve: "CVE-2024-44195", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44195", }, { cve: "CVE-2024-44196", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44196", }, { cve: "CVE-2024-44197", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44197", }, { cve: "CVE-2024-44200", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44200", }, { cve: "CVE-2024-44201", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44201", }, { cve: "CVE-2024-44211", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44211", }, { cve: "CVE-2024-44212", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44212", }, { cve: "CVE-2024-44213", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44213", }, { cve: "CVE-2024-44215", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44215", }, { cve: "CVE-2024-44216", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44216", }, { cve: "CVE-2024-44218", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44218", }, { cve: "CVE-2024-44219", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44219", }, { cve: "CVE-2024-44222", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44222", }, { cve: "CVE-2024-44223", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44223", }, { cve: "CVE-2024-44229", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44229", }, { cve: "CVE-2024-44231", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44231", }, { cve: "CVE-2024-44232", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44232", }, { cve: "CVE-2024-44233", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44233", }, { cve: "CVE-2024-44234", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44234", }, { cve: "CVE-2024-44236", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44236", }, { cve: "CVE-2024-44237", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44237", }, { cve: "CVE-2024-44239", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44239", }, { cve: "CVE-2024-44240", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44240", }, { cve: "CVE-2024-44241", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44241", }, { cve: "CVE-2024-44242", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44242", }, { cve: "CVE-2024-44244", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44244", }, { cve: "CVE-2024-44247", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44247", }, { cve: "CVE-2024-44248", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44248", }, { cve: "CVE-2024-44253", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44253", }, { cve: "CVE-2024-44254", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44254", }, { cve: "CVE-2024-44255", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44255", }, { cve: "CVE-2024-44256", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44256", }, { cve: "CVE-2024-44257", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44257", }, { cve: "CVE-2024-44259", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44259", }, { cve: "CVE-2024-44260", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44260", }, { cve: "CVE-2024-44264", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44264", }, { cve: "CVE-2024-44265", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44265", }, { cve: "CVE-2024-44267", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44267", }, { cve: "CVE-2024-44269", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44269", }, { cve: "CVE-2024-44270", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44270", }, { cve: "CVE-2024-44273", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44273", }, { cve: "CVE-2024-44275", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44275", }, { cve: "CVE-2024-44277", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44277", }, { cve: "CVE-2024-44278", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44278", }, { cve: "CVE-2024-44279", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44279", }, { cve: "CVE-2024-44280", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44280", }, { cve: "CVE-2024-44281", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44281", }, { cve: "CVE-2024-44282", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44282", }, { cve: "CVE-2024-44283", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44283", }, { cve: "CVE-2024-44284", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44284", }, { cve: "CVE-2024-44285", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44285", }, { cve: "CVE-2024-44287", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44287", }, { cve: "CVE-2024-44289", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44289", }, { cve: "CVE-2024-44290", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44290", }, { cve: "CVE-2024-44292", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44292", }, { cve: "CVE-2024-44293", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44293", }, { cve: "CVE-2024-44294", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44294", }, { cve: "CVE-2024-44295", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44295", }, { cve: "CVE-2024-44296", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44296", }, { cve: "CVE-2024-44297", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44297", }, { cve: "CVE-2024-44298", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44298", }, { cve: "CVE-2024-44299", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44299", }, { cve: "CVE-2024-44301", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44301", }, { cve: "CVE-2024-44302", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44302", }, { cve: "CVE-2024-44303", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44303", }, { cve: "CVE-2024-54471", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-54471", }, { cve: "CVE-2024-54538", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-54538", }, ], }
wid-sec-w-2024-1504
Vulnerability from csaf_certbund
Published
2024-07-01 22:00
Modified
2025-01-19 23:00
Summary
Apache HTTP Server: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apache ist ein Webserver für verschiedene Plattformen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apache HTTP Server ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen oder vertrauliche Informationen offenzulegen.
Betroffene Betriebssysteme
- Linux
- MacOS X
- Windows
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Apache ist ein Webserver für verschiedene Plattformen.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apache HTTP Server ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen oder vertrauliche Informationen offenzulegen.", title: "Angriff", }, { category: "general", text: "- Linux\n- MacOS X\n- Windows", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-1504 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1504.json", }, { category: "self", summary: "WID-SEC-2024-1504 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1504", }, { category: "external", summary: "Apache Advisory vom 2024-07-01", url: "https://httpd.apache.org/security/vulnerabilities_24.html", }, { category: "external", summary: "Red Hat Bugzilla vom 2024-07-01", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295006", }, { category: "external", summary: "Red Hat Bugzilla vom 2024-07-01", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", }, { category: "external", summary: "Red Hat Bugzilla vom 2024-07-01", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", }, { category: "external", summary: "Red Hat Bugzilla vom 2024-07-01", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", }, { category: "external", summary: "Red Hat Bugzilla vom 2024-07-01", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", }, { category: "external", summary: "Red Hat Bugzilla vom 2024-07-01", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295018", }, { category: "external", summary: "Red Hat Bugzilla vom 2024-07-01", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", }, { category: "external", summary: "Apache HTTP Server", url: "https://seclists.org/oss-sec/2024/q3/8", }, { category: "external", summary: "Rocky Linux Security Advisory RLSA-2024:4197 vom 2024-07-02", url: "https://errata.build.resf.org/RLSA-2024:4197", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-39F1A828ED vom 2024-07-03", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-39f1a828ed", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-E7E73BEFAD vom 2024-07-03", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-e7e73befad", }, { category: "external", summary: "Ubuntu Security Notice USN-6885-1 vom 2024-07-08", url: "https://ubuntu.com/security/notices/USN-6885-1", }, { category: "external", summary: "IBM Security Bulletin 7159849 vom 2024-07-09", url: "https://www.ibm.com/support/pages/node/7159849", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-661BB6322D vom 2024-07-11", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-661bb6322d", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-CB8ACBF644 vom 2024-07-11", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-cb8acbf644", }, { category: "external", summary: "IBM Security Bulletin 7160019 vom 2024-07-11", url: "https://www.ibm.com/support/pages/node/7160019", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2405-1 vom 2024-07-11", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018934.html", }, { category: "external", summary: "Debian Security Advisory DSA-5729 vom 2024-07-12", url: "https://lists.debian.org/debian-security-announce/2024/msg00140.html", }, { category: "external", summary: "Ubuntu Security Notice USN-6885-2 vom 2024-07-11", url: "https://ubuntu.com/security/notices/USN-6885-2", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2560-1 vom 2024-07-18", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019002.html", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2024-2594 vom 2024-07-23", url: "https://alas.aws.amazon.com/AL2/ALAS-2024-2594.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2591-1 vom 2024-07-22", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019006.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2597-1 vom 2024-07-23", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019023.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-4726 vom 2024-07-24", url: "https://linux.oracle.com/errata/ELSA-2024-4726.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4719 vom 2024-07-23", url: "https://access.redhat.com/errata/RHSA-2024:4719", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4720 vom 2024-07-23", url: "https://access.redhat.com/errata/RHSA-2024:4720", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4726 vom 2024-07-23", url: "https://access.redhat.com/errata/RHSA-2024:4726", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-4720 vom 2024-07-24", url: "https://linux.oracle.com/errata/ELSA-2024-4720.html", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2024-1944 vom 2024-07-24", url: "https://alas.aws.amazon.com/ALAS-2024-1944.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4827 vom 2024-07-24", url: "https://access.redhat.com/errata/RHSA-2024:4827", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4830 vom 2024-07-24", url: "https://access.redhat.com/errata/RHSA-2024:4830", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4820 vom 2024-07-24", url: "https://access.redhat.com/errata/RHSA-2024:4820", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4862 vom 2024-07-25", url: "https://access.redhat.com/errata/RHSA-2024:4862", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4863 vom 2024-07-25", url: "https://access.redhat.com/errata/RHSA-2024:4863", }, { category: "external", summary: "Rocky Linux Security Advisory RLSA-2024:4726 vom 2024-07-26", url: "https://errata.build.resf.org/RLSA-2024:4726", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2624-1 vom 2024-07-30", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019050.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4938 vom 2024-07-31", url: "https://access.redhat.com/errata/RHSA-2024:4938", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4943 vom 2024-07-31", url: "https://access.redhat.com/errata/RHSA-2024:4943", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-E83AF0855E vom 2024-08-01", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-e83af0855e", }, { category: "external", summary: "F5 Security Advisory K000140505 vom 2024-08-03", url: "https://my.f5.com/manage/s/article/K000140505", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5001 vom 2024-08-05", url: "https://access.redhat.com/errata/RHSA-2024:5001", }, { category: "external", summary: "F5 Security Advisory K000140620 vom 2024-08-08", url: "https://my.f5.com/manage/s/article/K000140620", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5138 vom 2024-08-08", url: "https://access.redhat.com/errata/RHSA-2024:5138", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-5138 vom 2024-08-09", url: "https://linux.oracle.com/errata/ELSA-2024-5138.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5193 vom 2024-08-12", url: "https://access.redhat.com/errata/RHSA-2024:5193", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5239 vom 2024-08-13", url: "https://access.redhat.com/errata/RHSA-2024:5239", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5240 vom 2024-08-13", url: "https://access.redhat.com/errata/RHSA-2024:5240", }, { category: "external", summary: "F5 Security Advisory K000140693 vom 2024-08-13", url: "https://my.f5.com/manage/s/article/K000140693", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-5193 vom 2024-08-14", url: "https://linux.oracle.com/errata/ELSA-2024-5193.html", }, { category: "external", summary: "IBM Security Bulletin 7165827 vom 2024-08-19", url: "https://www.ibm.com/support/pages/node/7165827", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2436-1 vom 2024-08-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019226.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2997-1 vom 2024-08-21", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019299.html", }, { category: "external", summary: "Rocky Linux Security Advisory RLSA-2024:5138 vom 2024-08-21", url: "https://errata.build.resf.org/RLSA-2024:5138", }, { category: "external", summary: "Rocky Linux Security Advisory RLSA-2024:5193 vom 2024-08-21", url: "https://errata.build.resf.org/RLSA-2024:5193", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2999-1 vom 2024-08-22", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019301.html", }, { category: "external", summary: "F5 Security Advisory K000140784 vom 2024-08-23", url: "https://my.f5.com/manage/s/article/K000140784", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5812 vom 2024-08-26", url: "https://access.redhat.com/errata/RHSA-2024:5812", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:5832 vom 2024-08-26", url: "https://access.redhat.com/errata/RHSA-2024:5832", }, { category: "external", summary: "DELL Security Update for Dell PowerScale OneFS", url: "https://www.dell.com/support/kbdoc/en-us/000228207/dsa-2024-346-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6136 vom 2024-09-03", url: "https://access.redhat.com/errata/RHSA-2024:6136", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6004 vom 2024-09-04", url: "https://access.redhat.com/errata/RHSA-2024:6004", }, { category: "external", summary: "IBM Security Bulletin 7166853 vom 2024-09-05", url: "https://www.ibm.com/support/pages/node/7166853", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6013 vom 2024-09-05", url: "https://access.redhat.com/errata/RHSA-2024:6013", }, { category: "external", summary: "IBM Security Bulletin 7167662 vom 2024-09-05", url: "https://www.ibm.com/support/pages/node/7167662", }, { category: "external", summary: "XEROX Security Advisory XRX24-013 vom 2024-09-05", url: "https://securitydocs.business.xerox.com/wp-content/uploads/2024/09/Xerox-Security-Bulletin-XRX24-013-for-Xerox-FreeFlow-Print-Server-v2-_Windows10.pdf", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6468 vom 2024-09-09", url: "https://access.redhat.com/errata/RHSA-2024:6468", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6467 vom 2024-09-09", url: "https://access.redhat.com/errata/RHSA-2024:6467", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:3173-1 vom 2024-09-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019389.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:3172-1 vom 2024-09-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019390.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6584 vom 2024-09-11", url: "https://access.redhat.com/errata/RHSA-2024:6584", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6583 vom 2024-09-11", url: "https://access.redhat.com/errata/RHSA-2024:6583", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-4943 vom 2024-09-14", url: "https://linux.oracle.com/errata/ELSA-2024-4943.html", }, { category: "external", summary: "Ubuntu Security Notice USN-6885-3 vom 2024-09-18", url: "https://ubuntu.com/security/notices/USN-6885-3", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6928 vom 2024-09-24", url: "https://access.redhat.com/errata/RHSA-2024:6928", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:6927 vom 2024-09-24", url: "https://access.redhat.com/errata/RHSA-2024:6927", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:7101 vom 2024-09-25", url: "https://access.redhat.com/errata/RHSA-2024:7101", }, { category: "external", summary: "Gentoo Linux Security Advisory GLSA-202409-31 vom 2024-09-28", url: "https://security.gentoo.org/glsa/202409-31", }, { category: "external", summary: "Dell Security Advisory DSA-2024-423 vom 2024-10-11", url: "https://www.dell.com/support/kbdoc/de-de/000235068/dsa-2024-423-security-update-for-dell-networker-and-networker-management-console-nmc-multiple-component-vulnerabilities", }, { category: "external", summary: "IBM Security Bulletin 7173018 vom 2024-10-14", url: "https://www.ibm.com/support/pages/node/7173018", }, { category: "external", summary: "Debian Security Advisory DLA-3921 vom 2024-10-17", url: "https://lists.debian.org/debian-lts-announce/2024/10/msg00013.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-7101 vom 2024-10-17", url: "https://linux.oracle.com/errata/ELSA-2024-7101.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:8680 vom 2024-10-31", url: "https://access.redhat.com/errata/RHSA-2024:8680", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-8680 vom 2024-10-31", url: "http://linux.oracle.com/errata/ELSA-2024-8680.html", }, { category: "external", summary: "HCL Security Advisory", url: "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0115052", }, { category: "external", summary: "Rocky Linux Security Advisory RLSA-2024:8680 vom 2024-11-08", url: "https://errata.build.resf.org/RLSA-2024:8680", }, { category: "external", summary: "XEROX Security Advisory XRX24-016 vom 2024-11-18", url: "https://security.business.xerox.com/wp-content/uploads/2024/11/Xerox%C2%AE-Security-Bulletin-XRX24-016-for-Xerox%C2%AEFreeFlow%C2%AE-Print-Server-v9.pdf", }, { category: "external", summary: "XEROX Security Advisory XRX24-017 vom 2024-11-21", url: "https://securitydocs.business.xerox.com/wp-content/uploads/2024/11/Xerox-Security-Bulletin-XRX24-017-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf", }, { category: "external", summary: "Dell Security Advisory DSA-2024-453 vom 2024-12-05", url: "https://www.dell.com/support/kbdoc/de-de/000256645/dsa-2024-453-security-update-for-dell-powerscale-onefs-multiple-security-vulnerabilities", }, { category: "external", summary: "SonicWall Security Advisory SNWLID-2024-0018 vom 2024-12-06", url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018", }, { category: "external", summary: "Dell Security Advisory DSA-2024-483 vom 2024-12-18", url: "https://www.dell.com/support/kbdoc/de-de/000256642/dsa-2024-483-security-update-for-dell-ecs-multiple-vulnerabilities", }, { category: "external", summary: "XEROX Security Advisory XRX24-019 vom 2024-12-17", url: "https://security.business.xerox.com/wp-content/uploads/2024/12/Xerox-Security-Bulletin-XRX24-019-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf", }, { category: "external", summary: "XEROX Security Advisory XRX25-001 vom 2025-01-13", url: "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-001-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf", }, { category: "external", summary: "HPE Security Bulletin vom 2025-01-17", url: "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbux04773en_us&docLocale=en_US", }, ], source_lang: "en-US", title: "Apache HTTP Server: Mehrere Schwachstellen", tracking: { current_release_date: "2025-01-19T23:00:00.000+00:00", generator: { date: "2025-01-20T09:21:02.020+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-1504", initial_release_date: "2024-07-01T22:00:00.000+00:00", revision_history: [ { date: "2024-07-01T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-07-02T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Rocky Enterprise Software Foundation aufgenommen", }, { date: "2024-07-03T22:00:00.000+00:00", number: "3", summary: "Neue Updates von Fedora aufgenommen", }, { date: "2024-07-08T22:00:00.000+00:00", number: "4", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2024-07-09T22:00:00.000+00:00", number: "5", summary: "Neue Updates von IBM und IBM-APAR aufgenommen", }, { date: "2024-07-11T22:00:00.000+00:00", number: "6", summary: "Neue Updates von Fedora, IBM, SUSE, Debian und Ubuntu aufgenommen", }, { date: "2024-07-18T22:00:00.000+00:00", number: "7", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-07-22T22:00:00.000+00:00", number: "8", summary: "Neue Updates von Amazon und SUSE aufgenommen", }, { date: "2024-07-23T22:00:00.000+00:00", number: "9", summary: "Neue Updates von Oracle Linux und Red Hat aufgenommen", }, { date: "2024-07-24T22:00:00.000+00:00", number: "10", summary: "Neue Updates von Amazon und Red Hat aufgenommen", }, { date: "2024-07-25T22:00:00.000+00:00", number: "11", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-07-28T22:00:00.000+00:00", number: "12", summary: "Neue Updates von Rocky Enterprise Software Foundation aufgenommen", }, { date: "2024-07-29T22:00:00.000+00:00", number: "13", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-07-31T22:00:00.000+00:00", number: "14", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-08-01T22:00:00.000+00:00", number: "15", summary: "Neue Updates von Fedora aufgenommen", }, { date: "2024-08-04T22:00:00.000+00:00", number: "16", summary: "Neue Updates von F5 aufgenommen", }, { date: "2024-08-07T22:00:00.000+00:00", number: "17", summary: "Neue Updates von F5 aufgenommen", }, { date: "2024-08-08T22:00:00.000+00:00", number: "18", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-08-11T22:00:00.000+00:00", number: "19", summary: "Neue Updates von Oracle Linux und Red Hat aufgenommen", }, { date: "2024-08-13T22:00:00.000+00:00", number: "20", summary: "Neue Updates von Red Hat und F5 aufgenommen", }, { date: "2024-08-14T22:00:00.000+00:00", number: "21", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2024-08-18T22:00:00.000+00:00", number: "22", summary: "Neue Updates von IBM aufgenommen", }, { date: "2024-08-19T22:00:00.000+00:00", number: "23", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-08-21T22:00:00.000+00:00", number: "24", summary: "Neue Updates von SUSE und Rocky Enterprise Software Foundation aufgenommen", }, { date: "2024-08-22T22:00:00.000+00:00", number: "25", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-08-25T22:00:00.000+00:00", number: "26", summary: "Neue Updates von F5 aufgenommen", }, { date: "2024-09-01T22:00:00.000+00:00", number: "27", summary: "Neue Updates von Dell aufgenommen", }, { date: "2024-09-02T22:00:00.000+00:00", number: "28", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-03T22:00:00.000+00:00", number: "29", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-05T22:00:00.000+00:00", number: "30", summary: "Neue Updates von IBM, Red Hat und XEROX aufgenommen", }, { date: "2024-09-08T22:00:00.000+00:00", number: "31", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-09T22:00:00.000+00:00", number: "32", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-09-11T22:00:00.000+00:00", number: "33", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-15T22:00:00.000+00:00", number: "34", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2024-09-18T22:00:00.000+00:00", number: "35", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2024-09-24T22:00:00.000+00:00", number: "36", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-25T22:00:00.000+00:00", number: "37", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-09-29T22:00:00.000+00:00", number: "38", summary: "Neue Updates von Gentoo aufgenommen", }, { date: "2024-10-10T22:00:00.000+00:00", number: "39", summary: "Neue Updates von Dell aufgenommen", }, { date: "2024-10-13T22:00:00.000+00:00", number: "40", summary: "Neue Updates von IBM aufgenommen", }, { date: "2024-10-17T22:00:00.000+00:00", number: "41", summary: "Neue Updates von Debian und Oracle Linux aufgenommen", }, { date: "2024-10-30T23:00:00.000+00:00", number: "42", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-10-31T23:00:00.000+00:00", number: "43", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2024-11-03T23:00:00.000+00:00", number: "44", summary: "Neue Updates von HCL aufgenommen", }, { date: "2024-11-10T23:00:00.000+00:00", number: "45", summary: "Neue Updates von Rocky Enterprise Software Foundation aufgenommen", }, { date: "2024-11-18T23:00:00.000+00:00", number: "46", summary: "Neue Updates von XEROX aufgenommen", }, { date: "2024-11-21T23:00:00.000+00:00", number: "47", summary: "Neue Updates von XEROX aufgenommen", }, { date: "2024-12-04T23:00:00.000+00:00", number: "48", summary: "Neue Updates von Dell aufgenommen", }, { date: "2024-12-05T23:00:00.000+00:00", number: "49", summary: "Neue Updates von SonicWall aufgenommen", }, { date: "2024-12-15T23:00:00.000+00:00", number: "50", summary: "Referenz(en) aufgenommen: 7178940, 7178937, 7178941, 7178939, 7178938", }, { date: "2024-12-17T23:00:00.000+00:00", number: "51", summary: "Neue Updates von Dell und XEROX aufgenommen", }, { date: "2025-01-12T23:00:00.000+00:00", number: "52", summary: "Neue Updates von XEROX aufgenommen", }, { date: "2025-01-19T23:00:00.000+00:00", number: "53", summary: "Neue Updates von HP aufgenommen", }, ], status: "final", version: "53", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Amazon Linux 2", product: { name: "Amazon Linux 2", product_id: "398363", product_identification_helper: { cpe: "cpe:/o:amazon:linux_2:-", }, }, }, ], category: "vendor", name: "Amazon", }, { branches: [ { branches: [ { category: "product_version_range", name: "<2.4.60", product: { name: "Apache HTTP Server <2.4.60", product_id: "T035727", }, }, { category: "product_version", name: "2.4.60", product: { name: "Apache HTTP Server 2.4.60", product_id: "T035727-fixed", product_identification_helper: { cpe: "cpe:/a:apache:http_server:2.4.60", }, }, }, ], category: "product_name", name: "HTTP Server", }, ], category: "vendor", name: "Apache", }, { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { branches: [ { category: "product_version_range", name: "<3.8.1.3", product: { name: "Dell ECS <3.8.1.3", product_id: "T039899", }, }, { category: "product_version", name: "3.8.1.3", product: { name: "Dell ECS 3.8.1.3", product_id: "T039899-fixed", product_identification_helper: { cpe: "cpe:/h:dell:ecs:3.8.1.3", }, }, }, ], category: "product_name", name: "ECS", }, { branches: [ { category: "product_version_range", name: "<19.10.0.5", product: { name: "Dell NetWorker <19.10.0.5", product_id: "T038270", }, }, { category: "product_version", name: "19.10.0.5", product: { name: "Dell NetWorker 19.10.0.5", product_id: "T038270-fixed", product_identification_helper: { cpe: "cpe:/a:dell:networker:19.10.0.5", }, }, }, ], category: "product_name", name: "NetWorker", }, { branches: [ { category: "product_name", name: "Dell PowerScale", product: { name: "Dell PowerScale", product_id: "T034610", product_identification_helper: { cpe: "cpe:/a:dell:powerscale_onefs:onefs", }, }, }, { category: "product_version_range", name: "OneFS <9.8.0.1", product: { name: "Dell PowerScale OneFS <9.8.0.1", product_id: "T035762", }, }, { category: "product_version", name: "OneFS 9.8.0.1", product: { name: "Dell PowerScale OneFS 9.8.0.1", product_id: "T035762-fixed", product_identification_helper: { cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.8.0.1", }, }, }, { category: "product_version_range", name: "OneFS <9.4.0.20", product: { name: "Dell PowerScale OneFS <9.4.0.20", product_id: "T038705", }, }, { category: "product_version", name: "OneFS 9.4.0.20", product: { name: "Dell PowerScale OneFS 9.4.0.20", product_id: "T038705-fixed", product_identification_helper: { cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.4.0.20", }, }, }, { category: "product_version_range", name: "OneFS <9.5.1.1", product: { name: "Dell PowerScale OneFS <9.5.1.1", product_id: "T038706", }, }, { category: "product_version", name: "OneFS 9.5.1.1", product: { name: "Dell PowerScale OneFS 9.5.1.1", product_id: "T038706-fixed", product_identification_helper: { cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.5.1.1", }, }, }, { category: "product_version_range", name: "OneFS <9.7.1.3", product: { name: "Dell PowerScale OneFS <9.7.1.3", product_id: "T039585", }, }, { category: "product_version", name: "OneFS 9.7.1.3", product: { name: "Dell PowerScale OneFS 9.7.1.3", product_id: "T039585-fixed", product_identification_helper: { cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.7.1.3", }, }, }, { category: "product_version_range", name: "OneFS <9.9.0.1", product: { name: "Dell PowerScale OneFS <9.9.0.1", product_id: "T039586", }, }, { category: "product_version", name: "OneFS 9.9.0.1", product: { name: "Dell PowerScale OneFS 9.9.0.1", product_id: "T039586-fixed", product_identification_helper: { cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.9.0.1", }, }, }, ], category: "product_name", name: "PowerScale", }, ], category: "vendor", name: "Dell", }, { branches: [ { branches: [ { category: "product_name", name: "F5 BIG-IP", product: { name: "F5 BIG-IP", product_id: "T001663", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:-", }, }, }, { category: "product_version", name: "17.1.0-17.1.1", product: { name: "F5 BIG-IP 17.1.0-17.1.1", product_id: "T034899", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:17.1.0_-_17.1.1", }, }, }, { category: "product_version", name: "15.1.0-15.1.10", product: { name: "F5 BIG-IP 15.1.0-15.1.10", product_id: "T034902", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:15.1.0_-_15.1.10", }, }, }, { category: "product_version", name: "16.1.0-16.1.5", product: { name: "F5 BIG-IP 16.1.0-16.1.5", product_id: "T037028", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:16.1.0_-_16.1.5", }, }, }, ], category: "product_name", name: "BIG-IP", }, ], category: "vendor", name: "F5", }, { branches: [ { category: "product_name", name: "Fedora Linux", product: { name: "Fedora Linux", product_id: "74185", product_identification_helper: { cpe: "cpe:/o:fedoraproject:fedora:-", }, }, }, ], category: "vendor", name: "Fedora", }, { branches: [ { category: "product_name", name: "Gentoo Linux", product: { name: "Gentoo Linux", product_id: "T012167", product_identification_helper: { cpe: "cpe:/o:gentoo:linux:-", }, }, }, ], category: "vendor", name: "Gentoo", }, { branches: [ { branches: [ { category: "product_version", name: "8.x", product: { name: "HCL Commerce 8.x", product_id: "T038745", product_identification_helper: { cpe: "cpe:/a:hcltechsw:commerce:8.x", }, }, }, { category: "product_version", name: "9.0-9.0.1.21", product: { name: "HCL Commerce 9.0-9.0.1.21", product_id: "T038746", product_identification_helper: { cpe: "cpe:/a:hcltechsw:commerce:9.0_-_9.0.1.21", }, }, }, { category: "product_version", name: "9.1.0-9.1.15", product: { name: "HCL Commerce 9.1.0-9.1.15", product_id: "T038747", product_identification_helper: { cpe: "cpe:/a:hcltechsw:commerce:9.1.0_-_9.1.15", }, }, }, ], category: "product_name", name: "Commerce", }, ], category: "vendor", name: "HCL", }, { branches: [ { branches: [ { category: "product_version_range", name: "<11.31", product: { name: "HPE HP-UX <11.31", product_id: "T040402", }, }, { category: "product_version", name: "11.31", product: { name: "HPE HP-UX 11.31", product_id: "T040402-fixed", product_identification_helper: { cpe: "cpe:/o:hp:hp-ux:11.31", }, }, }, ], category: "product_name", name: "HP-UX", }, ], category: "vendor", name: "HPE", }, { branches: [ { branches: [ { category: "product_name", name: "IBM Business Automation Workflow", product: { name: "IBM Business Automation Workflow", product_id: "T019704", product_identification_helper: { cpe: "cpe:/a:ibm:business_automation_workflow:-", }, }, }, { category: "product_version", name: "24.0.0", product: { name: "IBM Business Automation Workflow 24.0.0", product_id: "T036570", product_identification_helper: { cpe: "cpe:/a:ibm:business_automation_workflow:24.0.0", }, }, }, ], category: "product_name", name: "Business Automation Workflow", }, { branches: [ { category: "product_version", name: "8.5", product: { name: "IBM HTTP Server 8.5", product_id: "T003676", product_identification_helper: { cpe: "cpe:/a:ibm:http_server:8.5", }, }, }, { category: "product_version", name: "9", product: { name: "IBM HTTP Server 9.0", product_id: "T008162", product_identification_helper: { cpe: "cpe:/a:ibm:http_server:9.0", }, }, }, ], category: "product_name", name: "HTTP Server", }, { branches: [ { category: "product_version_range", name: "<8.0.0.27", product: { name: "IBM Rational Build Forge <8.0.0.27", product_id: "T038286", }, }, { category: "product_version", name: "8.0.0.27", product: { name: "IBM Rational Build Forge 8.0.0.27", product_id: "T038286-fixed", product_identification_helper: { cpe: "cpe:/a:ibm:rational_build_forge:8.0.0.27", }, }, }, ], category: "product_name", name: "Rational Build Forge", }, { branches: [ { category: "product_version", name: "9.1-9.1.0.6", product: { name: "IBM Rational ClearQuest 9.1-9.1.0.6", product_id: "T034074", product_identification_helper: { cpe: "cpe:/a:ibm:rational_clearquest:9.1_-_9.1.0.6", }, }, }, { category: "product_version", name: "10.0-10.0.5", product: { name: "IBM Rational ClearQuest 10.0-10.0.5", product_id: "T034075", product_identification_helper: { cpe: "cpe:/a:ibm:rational_clearquest:10.0_-_10.0.5", }, }, }, ], category: "product_name", name: "Rational ClearQuest", }, { branches: [ { category: "product_version", name: "6.3.0.7", product: { name: "IBM Tivoli Monitoring 6.3.0.7", product_id: "342008", product_identification_helper: { cpe: "cpe:/a:ibm:tivoli_monitoring:6.3.0.7", }, }, }, ], category: "product_name", name: "Tivoli Monitoring", }, ], category: "vendor", name: "IBM", }, { branches: [ { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { category: "product_name", name: "RESF Rocky Linux", product: { name: "RESF Rocky Linux", product_id: "T032255", product_identification_helper: { cpe: "cpe:/o:resf:rocky_linux:-", }, }, }, ], category: "vendor", name: "RESF", }, { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { branches: [ { category: "product_version_range", name: "<10.2.1.14-75sv", product: { name: "SonicWall SMA <10.2.1.14-75sv", product_id: "T039602", }, }, { category: "product_version", name: "10.2.1.14-75sv", product: { name: "SonicWall SMA 10.2.1.14-75sv", product_id: "T039602-fixed", product_identification_helper: { cpe: "cpe:/a:sonicwall:secure_mobile_access:10.2.1.14-75sv", }, }, }, ], category: "product_name", name: "SMA", }, ], category: "vendor", name: "SonicWall", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, { branches: [ { branches: [ { category: "product_name", name: "Xerox FreeFlow Print Server", product: { name: "Xerox FreeFlow Print Server", product_id: "T010509", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:-", }, }, }, { category: "product_version", name: "v9", product: { name: "Xerox FreeFlow Print Server v9", product_id: "T015632", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:v9", }, }, }, { category: "product_version", name: "v9 for Solaris", product: { name: "Xerox FreeFlow Print Server v9 for Solaris", product_id: "T028053", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:v9_for_solaris", }, }, }, { category: "product_version_range", name: "<9.0 SP-3 (93.M3.14.86)", product: { name: "Xerox FreeFlow Print Server <9.0 SP-3 (93.M3.14.86)", product_id: "T039896", }, }, { category: "product_version", name: "9.0 SP-3 (93.M3.14.86)", product: { name: "Xerox FreeFlow Print Server 9.0 SP-3 (93.M3.14.86)", product_id: "T039896-fixed", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:9.0_sp-3_%2893.m3.14.86%29", }, }, }, ], category: "product_name", name: "FreeFlow Print Server", }, ], category: "vendor", name: "Xerox", }, ], }, vulnerabilities: [ { cve: "CVE-2023-38709", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T038706", "T038747", "67646", "T034902", "T038746", "T038705", "T038745", "T039899", "T004914", "T039896", "T038286", "T001663", "398363", "342008", "T010509", "T034899", "T028053", "T034610", "T035727", "T003676", "T015632", "T034075", "T037028", "T012167", "T034074", "T039602", "T039586", "T032255", "T039585", "74185", "T035762", "T036570", "2951", "T002207", "T000126", "T019704", "T038270", "T040402", "T008162", ], }, release_date: "2024-07-01T22:00:00.000+00:00", title: "CVE-2023-38709", }, { cve: "CVE-2024-36387", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T038706", "T038747", "67646", "T034902", "T038746", "T038705", "T038745", "T039899", "T004914", "T039896", "T038286", "T001663", "398363", "342008", "T010509", "T034899", "T028053", "T034610", "T035727", "T003676", "T015632", "T034075", "T037028", "T012167", "T034074", "T039602", "T039586", "T032255", "T039585", "74185", "T035762", "T036570", "2951", "T002207", "T000126", "T019704", "T038270", "T040402", "T008162", ], }, release_date: "2024-07-01T22:00:00.000+00:00", title: "CVE-2024-36387", }, { cve: "CVE-2024-38472", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T038706", "T038747", "67646", "T034902", "T038746", "T038705", "T038745", "T039899", "T004914", "T039896", "T038286", "T001663", "398363", "342008", "T010509", "T034899", "T028053", "T034610", "T035727", "T003676", "T015632", "T034075", "T037028", "T012167", "T034074", "T039602", "T039586", "T032255", "T039585", "74185", "T035762", "T036570", "2951", "T002207", "T000126", "T019704", "T038270", "T040402", "T008162", ], }, release_date: "2024-07-01T22:00:00.000+00:00", title: "CVE-2024-38472", }, { cve: "CVE-2024-38473", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T038706", "T038747", "67646", "T034902", "T038746", "T038705", "T038745", "T039899", "T004914", "T039896", "T038286", "T001663", "398363", "342008", "T010509", "T034899", "T028053", "T034610", "T035727", "T003676", "T015632", "T034075", "T037028", "T012167", "T034074", "T039602", "T039586", "T032255", "T039585", "74185", "T035762", "T036570", "2951", "T002207", "T000126", "T019704", "T038270", "T040402", "T008162", ], }, release_date: "2024-07-01T22:00:00.000+00:00", title: "CVE-2024-38473", }, { cve: "CVE-2024-38474", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T038706", "T038747", "67646", "T034902", "T038746", "T038705", "T038745", "T039899", "T004914", "T039896", "T038286", "T001663", "398363", "342008", "T010509", "T034899", "T028053", "T034610", "T035727", "T003676", "T015632", "T034075", "T037028", "T012167", "T034074", "T039602", "T039586", "T032255", "T039585", "74185", "T035762", "T036570", "2951", "T002207", "T000126", "T019704", "T038270", "T040402", "T008162", ], }, release_date: "2024-07-01T22:00:00.000+00:00", title: "CVE-2024-38474", }, { cve: "CVE-2024-38475", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T038706", "T038747", "67646", "T034902", "T038746", "T038705", "T038745", "T039899", "T004914", "T039896", "T038286", "T001663", "398363", "342008", "T010509", "T034899", "T028053", "T034610", "T035727", "T003676", "T015632", "T034075", "T037028", "T012167", "T034074", "T039602", "T039586", "T032255", "T039585", "74185", "T035762", "T036570", "2951", "T002207", "T000126", "T019704", "T038270", "T040402", "T008162", ], }, release_date: "2024-07-01T22:00:00.000+00:00", title: "CVE-2024-38475", }, { cve: "CVE-2024-38476", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T038706", "T038747", "67646", "T034902", "T038746", "T038705", "T038745", "T039899", "T004914", "T039896", "T038286", "T001663", "398363", "342008", "T010509", "T034899", "T028053", "T034610", "T035727", "T003676", "T015632", "T034075", "T037028", "T012167", "T034074", "T039602", "T039586", "T032255", "T039585", "74185", "T035762", "T036570", "2951", "T002207", "T000126", "T019704", "T038270", "T040402", "T008162", ], }, release_date: "2024-07-01T22:00:00.000+00:00", title: "CVE-2024-38476", }, { cve: "CVE-2024-38477", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T038706", "T038747", "67646", "T034902", "T038746", "T038705", "T038745", "T039899", "T004914", "T039896", "T038286", "T001663", "398363", "342008", "T010509", "T034899", "T028053", "T034610", "T035727", "T003676", "T015632", "T034075", "T037028", "T012167", "T034074", "T039602", "T039586", "T032255", "T039585", "74185", "T035762", "T036570", "2951", "T002207", "T000126", "T019704", "T038270", "T040402", "T008162", ], }, release_date: "2024-07-01T22:00:00.000+00:00", title: "CVE-2024-38477", }, { cve: "CVE-2024-39573", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T038706", "T038747", "67646", "T034902", "T038746", "T038705", "T038745", "T039899", "T004914", "T039896", "T038286", "T001663", "398363", "342008", "T010509", "T034899", "T028053", "T034610", "T035727", "T003676", "T015632", "T034075", "T037028", "T012167", "T034074", "T039602", "T039586", "T032255", "T039585", "74185", "T035762", "T036570", "2951", "T002207", "T000126", "T019704", "T038270", "T040402", "T008162", ], }, release_date: "2024-07-01T22:00:00.000+00:00", title: "CVE-2024-39573", }, ], }
wid-sec-w-2024-3291
Vulnerability from csaf_certbund
Published
2024-10-28 23:00
Modified
2024-12-19 23:00
Summary
Apple macOS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- MacOS X
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um einen Denial of Service Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- MacOS X", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-3291 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3291.json", }, { category: "self", summary: "WID-SEC-2024-3291 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3291", }, { category: "external", summary: "Apple Security Advisory vom 2024-10-28", url: "https://lists.apple.com/archives/security-announce/2024/Oct/msg00003.html", }, { category: "external", summary: "Apple Security Advisory vom 2024-10-28", url: "https://lists.apple.com/archives/security-announce/2024/Oct/msg00004.html", }, { category: "external", summary: "Apple Security Advisory vom 2024-10-28", url: "https://lists.apple.com/archives/security-announce/2024/Oct/msg00005.html", }, ], source_lang: "en-US", title: "Apple macOS: Mehrere Schwachstellen", tracking: { current_release_date: "2024-12-19T23:00:00.000+00:00", generator: { date: "2024-12-20T09:13:17.440+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-3291", initial_release_date: "2024-10-28T23:00:00.000+00:00", revision_history: [ { date: "2024-10-28T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-11-19T23:00:00.000+00:00", number: "2", summary: "CVE Nummern ergänzt", }, { date: "2024-12-11T23:00:00.000+00:00", number: "3", summary: "CVE Nummern ergänzt", }, { date: "2024-12-19T23:00:00.000+00:00", number: "4", summary: "CVE-2024-54538 ergänzt", }, ], status: "final", version: "4", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "Sequoia <15.1", product: { name: "Apple macOS Sequoia <15.1", product_id: "T038638", }, }, { category: "product_version", name: "Sequoia 15.1", product: { name: "Apple macOS Sequoia 15.1", product_id: "T038638-fixed", product_identification_helper: { cpe: "cpe:/o:apple:mac_os:sequoia__15.1", }, }, }, { category: "product_version_range", name: "Sonoma <14.7.1", product: { name: "Apple macOS Sonoma <14.7.1", product_id: "T038639", }, }, { category: "product_version", name: "Sonoma 14.7.1", product: { name: "Apple macOS Sonoma 14.7.1", product_id: "T038639-fixed", product_identification_helper: { cpe: "cpe:/o:apple:mac_os:sonoma__14.7.1", }, }, }, { category: "product_version_range", name: "Ventura <13.7.1", product: { name: "Apple macOS Ventura <13.7.1", product_id: "T038640", }, }, { category: "product_version", name: "Ventura 13.7.1", product: { name: "Apple macOS Ventura 13.7.1", product_id: "T038640-fixed", product_identification_helper: { cpe: "cpe:/o:apple:mac_os:ventura__13.7.1", }, }, }, ], category: "product_name", name: "macOS", }, ], category: "vendor", name: "Apple", }, ], }, vulnerabilities: [ { cve: "CVE-2024-38476", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-38476", }, { cve: "CVE-2024-38477", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-38477", }, { cve: "CVE-2024-39573", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-39573", }, { cve: "CVE-2024-40849", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-40849", }, { cve: "CVE-2024-40855", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-40855", }, { cve: "CVE-2024-40858", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-40858", }, { cve: "CVE-2024-44122", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44122", }, { cve: "CVE-2024-44126", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44126", }, { cve: "CVE-2024-44137", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44137", }, { cve: "CVE-2024-44144", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44144", }, { cve: "CVE-2024-44156", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44156", }, { cve: "CVE-2024-44159", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44159", }, { cve: "CVE-2024-44175", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44175", }, { cve: "CVE-2024-44194", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44194", }, { cve: "CVE-2024-44195", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44195", }, { cve: "CVE-2024-44196", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44196", }, { cve: "CVE-2024-44197", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44197", }, { cve: "CVE-2024-44200", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44200", }, { cve: "CVE-2024-44201", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44201", }, { cve: "CVE-2024-44211", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44211", }, { cve: "CVE-2024-44212", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44212", }, { cve: "CVE-2024-44213", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44213", }, { cve: "CVE-2024-44215", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44215", }, { cve: "CVE-2024-44216", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44216", }, { cve: "CVE-2024-44218", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44218", }, { cve: "CVE-2024-44219", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44219", }, { cve: "CVE-2024-44222", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44222", }, { cve: "CVE-2024-44223", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44223", }, { cve: "CVE-2024-44229", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44229", }, { cve: "CVE-2024-44231", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44231", }, { cve: "CVE-2024-44232", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44232", }, { cve: "CVE-2024-44233", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44233", }, { cve: "CVE-2024-44234", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44234", }, { cve: "CVE-2024-44236", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44236", }, { cve: "CVE-2024-44237", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44237", }, { cve: "CVE-2024-44239", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44239", }, { cve: "CVE-2024-44240", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44240", }, { cve: "CVE-2024-44241", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44241", }, { cve: "CVE-2024-44242", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44242", }, { cve: "CVE-2024-44244", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44244", }, { cve: "CVE-2024-44247", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44247", }, { cve: "CVE-2024-44248", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44248", }, { cve: "CVE-2024-44253", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44253", }, { cve: "CVE-2024-44254", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44254", }, { cve: "CVE-2024-44255", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44255", }, { cve: "CVE-2024-44256", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44256", }, { cve: "CVE-2024-44257", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44257", }, { cve: "CVE-2024-44259", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44259", }, { cve: "CVE-2024-44260", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44260", }, { cve: "CVE-2024-44264", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44264", }, { cve: "CVE-2024-44265", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44265", }, { cve: "CVE-2024-44267", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44267", }, { cve: "CVE-2024-44269", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44269", }, { cve: "CVE-2024-44270", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44270", }, { cve: "CVE-2024-44273", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44273", }, { cve: "CVE-2024-44275", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44275", }, { cve: "CVE-2024-44277", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44277", }, { cve: "CVE-2024-44278", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44278", }, { cve: "CVE-2024-44279", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44279", }, { cve: "CVE-2024-44280", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44280", }, { cve: "CVE-2024-44281", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44281", }, { cve: "CVE-2024-44282", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44282", }, { cve: "CVE-2024-44283", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44283", }, { cve: "CVE-2024-44284", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44284", }, { cve: "CVE-2024-44285", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44285", }, { cve: "CVE-2024-44287", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44287", }, { cve: "CVE-2024-44289", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44289", }, { cve: "CVE-2024-44290", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44290", }, { cve: "CVE-2024-44292", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44292", }, { cve: "CVE-2024-44293", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44293", }, { cve: "CVE-2024-44294", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44294", }, { cve: "CVE-2024-44295", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44295", }, { cve: "CVE-2024-44296", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44296", }, { cve: "CVE-2024-44297", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44297", }, { cve: "CVE-2024-44298", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44298", }, { cve: "CVE-2024-44299", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44299", }, { cve: "CVE-2024-44301", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44301", }, { cve: "CVE-2024-44302", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44302", }, { cve: "CVE-2024-44303", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-44303", }, { cve: "CVE-2024-54471", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-54471", }, { cve: "CVE-2024-54538", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Apple macOS Sequoia, Sonoma und Ventura. Diese Fehler betreffen mehrere Komponenten, darunter Assets, Maps, Installer und Shortcuts, aufgrund einer Reihe von Sicherheitslücken, die nicht im Detail offengelegt wurden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, Daten zu verändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen preiszugeben. Eine erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.", }, ], product_status: { known_affected: [ "T038639", "T038638", "T038640", ], }, release_date: "2024-10-28T23:00:00.000+00:00", title: "CVE-2024-54538", }, ], }
fkie_cve-2024-38477
Vulnerability from fkie_nvd
Published
2024-07-01 19:15
Modified
2025-03-18 19:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.
Users are recommended to upgrade to version 2.4.60, which fixes this issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | http_server | * | |
| netapp | clustered_data_ontap | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", matchCriteriaId: "13126636-FD76-4E3E-B949-14A5082DE02A", versionEndExcluding: "2.4.60", versionStartIncluding: "2.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:clustered_data_ontap:9.0:*:*:*:*:*:*:*", matchCriteriaId: "C3ED302E-F464-40DE-A976-FD518E42D95D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.", }, { lang: "es", value: "La desreferencia del puntero nulo en mod_proxy en Apache HTTP Server 2.4.59 y versiones anteriores permite a un atacante bloquear el servidor mediante una solicitud maliciosa. Se recomienda a los usuarios actualizar a la versión 2.4.60, que soluciona este problema.", }, ], id: "CVE-2024-38477", lastModified: "2025-03-18T19:15:42.683", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-07-01T19:15:05.083", references: [ { source: "security@apache.org", tags: [ "Vendor Advisory", ], url: "https://httpd.apache.org/security/vulnerabilities_24.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240712-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/01/10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://httpd.apache.org/security/vulnerabilities_24.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240712-0001/", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "security@apache.org", type: "Secondary", }, ], }
ghsa-phjg-7fch-3c2f
Vulnerability from github
Published
2024-07-01 21:31
Modified
2025-03-18 21:31
Severity ?
Details
null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended to upgrade to version 2.4.60, which fixes this issue.
{ affected: [], aliases: [ "CVE-2024-38477", ], database_specific: { cwe_ids: [ "CWE-476", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2024-07-01T19:15:05Z", severity: "HIGH", }, details: "null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.", id: "GHSA-phjg-7fch-3c2f", modified: "2025-03-18T21:31:46Z", published: "2024-07-01T21:31:14Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38477", }, { type: "WEB", url: "https://httpd.apache.org/security/vulnerabilities_24.html", }, { type: "WEB", url: "https://security.netapp.com/advisory/ntap-20240712-0001", }, { type: "WEB", url: "http://www.openwall.com/lists/oss-security/2024/07/01/10", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.