CLSA-2026-1777946314

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777946314.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1777946314

Upstream

CVE-2024-42516

CVE-2024-43204

CVE-2024-43394

CVE-2025-54090

Published

2026-05-05T01:58:42Z

Modified

2026-06-01T00:32:51.113716089Z

Summary

httpd: Fix of 4 CVEs

Details

CVE-2024-42516: fix HTTP response splitting in core via Content-Type response header (header_filter rewrite)
CVE-2024-43204: prevent SSRF via mod_headers RequestHeader set/edit Content-Type modifying response headers
CVE-2024-43394: expand UNC path checking with new apstatcheck helper (Linux: defense-in-depth no-op); fold in upstream fix for CVE-2025-54090 (RewriteCond expr always evaluating true regression)

References

https://errata.tuxcare.com/els_os/tuxcare9.6esu/CLSA-2026-1777946314.html

Affected packages

TuxCare:AlmaLinux:9.6

httpd

Package

Name: httpd
Purl: pkg:rpm/tuxcare/httpd?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.62-4.el9_6.4.tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777946314.json"

httpd-core

Package

Name: httpd-core
Purl: pkg:rpm/tuxcare/httpd-core?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.62-4.el9_6.4.tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777946314.json"

httpd-devel

Package

Name: httpd-devel
Purl: pkg:rpm/tuxcare/httpd-devel?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.62-4.el9_6.4.tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777946314.json"

httpd-filesystem

Package

Name: httpd-filesystem
Purl: pkg:rpm/tuxcare/httpd-filesystem?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.62-4.el9_6.4.tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777946314.json"

httpd-manual

Package

Name: httpd-manual
Purl: pkg:rpm/tuxcare/httpd-manual?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.62-4.el9_6.4.tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777946314.json"

httpd-tools

Package

Name: httpd-tools
Purl: pkg:rpm/tuxcare/httpd-tools?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.62-4.el9_6.4.tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777946314.json"

mod_ldap

Package

Name: mod_ldap
Purl: pkg:rpm/tuxcare/mod_ldap?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.62-4.el9_6.4.tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777946314.json"

mod_lua

Package

Name: mod_lua
Purl: pkg:rpm/tuxcare/mod_lua?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.62-4.el9_6.4.tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777946314.json"

mod_proxy_html

Package

Name: mod_proxy_html
Purl: pkg:rpm/tuxcare/mod_proxy_html?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.4.62-4.el9_6.4.tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777946314.json"

mod_session

Package

Name: mod_session
Purl: pkg:rpm/tuxcare/mod_session?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.62-4.el9_6.4.tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777946314.json"

mod_ssl

Package

Name: mod_ssl
Purl: pkg:rpm/tuxcare/mod_ssl?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.4.62-4.el9_6.4.tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777946314.json"