CLSA-2026-1779129849

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1779129849.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1779129849

Upstream

CVE-2026-28780

Published

2026-05-18T18:44:13Z

Modified

2026-06-01T00:33:27.447682877Z

Summary

httpd: Fix of CVE-2026-28780

Details

CVE-2026-28780: modproxyajp: heap-based buffer overflow in ajpmsgcheckheader() — message size check did not subtract AJPHEADER_LEN, letting a crafted AJP reply write 4 bytes past the end of the heap buffer

References

https://errata.tuxcare.com/els_os/oraclelinux7els/CLSA-2026-1779129849.html

Affected packages

TuxCare:OracleLinux:7

httpd

Package

Name: httpd
Purl: pkg:rpm/tuxcare/httpd?distro=oraclelinux-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.6-99.0.5.el7_9.1.tuxcare.els11

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1779129849.json"

httpd-devel

Package

Name: httpd-devel
Purl: pkg:rpm/tuxcare/httpd-devel?distro=oraclelinux-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.6-99.0.5.el7_9.1.tuxcare.els11

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1779129849.json"

httpd-manual

Package

Name: httpd-manual
Purl: pkg:rpm/tuxcare/httpd-manual?distro=oraclelinux-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.6-99.0.5.el7_9.1.tuxcare.els11

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1779129849.json"

httpd-tools

Package

Name: httpd-tools
Purl: pkg:rpm/tuxcare/httpd-tools?distro=oraclelinux-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.6-99.0.5.el7_9.1.tuxcare.els11

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1779129849.json"

mod_ldap

Package

Name: mod_ldap
Purl: pkg:rpm/tuxcare/mod_ldap?distro=oraclelinux-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.6-99.0.5.el7_9.1.tuxcare.els11

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1779129849.json"

mod_proxy_html

Package

Name: mod_proxy_html
Purl: pkg:rpm/tuxcare/mod_proxy_html?distro=oraclelinux-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.4.6-99.0.5.el7_9.1.tuxcare.els11

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1779129849.json"

mod_session

Package

Name: mod_session
Purl: pkg:rpm/tuxcare/mod_session?distro=oraclelinux-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.6-99.0.5.el7_9.1.tuxcare.els11

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1779129849.json"

mod_ssl

Package

Name: mod_ssl
Purl: pkg:rpm/tuxcare/mod_ssl?distro=oraclelinux-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.4.6-99.0.5.el7_9.1.tuxcare.els11

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1779129849.json"