CLSA-2022-1656430723

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2022-1656430723.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2022-1656430723

Upstream

CVE-2022-26377

CVE-2022-28615

CVE-2022-31813

Published

2022-06-28T15:38:43Z

Modified

2026-06-01T00:33:24.542382756Z

Summary

Fixed CVEs in httpd: CVE-2022-28615, CVE-2022-31813, CVE-2022-26377

Details

CVE-2022-26377: modproxyajp: fix HTTP request smuggling
CVE-2022-28615: fix possible out-of-bounds read in apstrcmpmatch()
CVE-2022-31813: mod_proxy: preserve original request headers so an upstream knows what the original request hostname was, and so send X-Forwarded-* headers correctly

References

https://errata.cloudlinux.com/ol6/CLSA-2022-1656430723.html

Affected packages

TuxCare:OracleLinux:6

httpd

Package

Name: httpd
Purl: pkg:rpm/tuxcare/httpd?distro=oraclelinux-6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.15-72.el6.tuxcare.els5

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2022-1656430723.json"

httpd-devel

Package

Name: httpd-devel
Purl: pkg:rpm/tuxcare/httpd-devel?distro=oraclelinux-6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.15-72.el6.tuxcare.els5

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2022-1656430723.json"

httpd-manual

Package

Name: httpd-manual
Purl: pkg:rpm/tuxcare/httpd-manual?distro=oraclelinux-6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.15-72.el6.tuxcare.els5

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2022-1656430723.json"

httpd-tools

Package

Name: httpd-tools
Purl: pkg:rpm/tuxcare/httpd-tools?distro=oraclelinux-6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.15-72.el6.tuxcare.els5

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2022-1656430723.json"

mod_ssl

Package

Name: mod_ssl
Purl: pkg:rpm/tuxcare/mod_ssl?distro=oraclelinux-6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.2.15-72.el6.tuxcare.els5

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2022-1656430723.json"