Vulnerability Database
Blog
FAQ
Docs
RHSA-2023:4629
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2023:4629
Import Source
https://security.access.redhat.com/data/osv/RHSA-2023:4629.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2023:4629
Related
CVE-2022-24963
CVE-2022-36760
CVE-2022-37436
CVE-2022-48279
CVE-2023-24021
CVE-2023-27522
CVE-2023-28319
CVE-2023-28321
CVE-2023-28322
Published
2024-09-13T23:26:54Z
Modified
2024-11-22T23:46:34Z
Severity
7.5 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVSS Calculator
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 security update
Details
References
https://access.redhat.com/errata/RHSA-2023:4629
https://access.redhat.com/security/updates/classification/#moderate
https://bugzilla.redhat.com/show_bug.cgi?id=2161773
https://bugzilla.redhat.com/show_bug.cgi?id=2161777
https://bugzilla.redhat.com/show_bug.cgi?id=2163615
https://bugzilla.redhat.com/show_bug.cgi?id=2163622
https://bugzilla.redhat.com/show_bug.cgi?id=2169465
https://bugzilla.redhat.com/show_bug.cgi?id=2176211
https://bugzilla.redhat.com/show_bug.cgi?id=2196778
https://bugzilla.redhat.com/show_bug.cgi?id=2196786
https://bugzilla.redhat.com/show_bug.cgi?id=2196793
https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4629.json
https://access.redhat.com/security/cve/CVE-2022-24963
https://www.cve.org/CVERecord?id=CVE-2022-24963
https://nvd.nist.gov/vuln/detail/CVE-2022-24963
https://lists.apache.org/thread/fw9p6sdncwsjkstwc066vz57xqzfksq9
https://access.redhat.com/security/cve/CVE-2022-36760
https://www.cve.org/CVERecord?id=CVE-2022-36760
https://nvd.nist.gov/vuln/detail/CVE-2022-36760
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-36760
https://access.redhat.com/security/cve/CVE-2022-37436
https://www.cve.org/CVERecord?id=CVE-2022-37436
https://nvd.nist.gov/vuln/detail/CVE-2022-37436
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-37436
https://access.redhat.com/security/cve/CVE-2022-48279
https://www.cve.org/CVERecord?id=CVE-2022-48279
https://nvd.nist.gov/vuln/detail/CVE-2022-48279
https://access.redhat.com/security/cve/CVE-2023-24021
https://www.cve.org/CVERecord?id=CVE-2023-24021
https://nvd.nist.gov/vuln/detail/CVE-2023-24021
https://access.redhat.com/security/cve/CVE-2023-27522
https://www.cve.org/CVERecord?id=CVE-2023-27522
https://nvd.nist.gov/vuln/detail/CVE-2023-27522
https://httpd.apache.org/security/vulnerabilities_24.html
https://access.redhat.com/security/cve/CVE-2023-28319
https://www.cve.org/CVERecord?id=CVE-2023-28319
https://nvd.nist.gov/vuln/detail/CVE-2023-28319
https://curl.se/docs/CVE-2023-28319.html
https://access.redhat.com/security/cve/CVE-2023-28321
https://www.cve.org/CVERecord?id=CVE-2023-28321
https://nvd.nist.gov/vuln/detail/CVE-2023-28321
https://curl.se/docs/CVE-2023-28321.html
https://access.redhat.com/security/cve/CVE-2023-28322
https://www.cve.org/CVERecord?id=CVE-2023-28322
https://nvd.nist.gov/vuln/detail/CVE-2023-28322
https://curl.se/docs/CVE-2023-28322.html
Affected packages
Red Hat:jboss_core_services:1::el7
/
jbcs-httpd24-apr
Package
Name
jbcs-httpd24-apr
Purl
pkg:rpm/redhat/jbcs-httpd24-apr
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.7.0-8.el7jbcs
Red Hat:jboss_core_services:1::el7
/
jbcs-httpd24-apr-debuginfo
Package
Name
jbcs-httpd24-apr-debuginfo
Purl
pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.7.0-8.el7jbcs
Red Hat:jboss_core_services:1::el7
/
jbcs-httpd24-apr-devel
Package
Name
jbcs-httpd24-apr-devel
Purl
pkg:rpm/redhat/jbcs-httpd24-apr-devel
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.7.0-8.el7jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-apr
Package
Name
jbcs-httpd24-apr
Purl
pkg:rpm/redhat/jbcs-httpd24-apr
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.7.0-8.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-apr-debuginfo
Package
Name
jbcs-httpd24-apr-debuginfo
Purl
pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.7.0-8.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-apr-devel
Package
Name
jbcs-httpd24-apr-devel
Purl
pkg:rpm/redhat/jbcs-httpd24-apr-devel
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.7.0-8.el8jbcs
Red Hat:jboss_core_services:1::el7
/
jbcs-httpd24-httpd
Package
Name
jbcs-httpd24-httpd
Purl
pkg:rpm/redhat/jbcs-httpd24-httpd
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.57-5.el7jbcs
Red Hat:jboss_core_services:1::el7
/
jbcs-httpd24-httpd-debuginfo
Package
Name
jbcs-httpd24-httpd-debuginfo
Purl
pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.57-5.el7jbcs
Red Hat:jboss_core_services:1::el7
/
jbcs-httpd24-httpd-devel
Package
Name
jbcs-httpd24-httpd-devel
Purl
pkg:rpm/redhat/jbcs-httpd24-httpd-devel
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.57-5.el7jbcs
Red Hat:jboss_core_services:1::el7
/
jbcs-httpd24-httpd-manual
Package
Name
jbcs-httpd24-httpd-manual
Purl
pkg:rpm/redhat/jbcs-httpd24-httpd-manual
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.57-5.el7jbcs
Red Hat:jboss_core_services:1::el7
/
jbcs-httpd24-httpd-selinux
Package
Name
jbcs-httpd24-httpd-selinux
Purl
pkg:rpm/redhat/jbcs-httpd24-httpd-selinux
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.57-5.el7jbcs
Red Hat:jboss_core_services:1::el7
/
jbcs-httpd24-httpd-tools
Package
Name
jbcs-httpd24-httpd-tools
Purl
pkg:rpm/redhat/jbcs-httpd24-httpd-tools
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.57-5.el7jbcs
Red Hat:jboss_core_services:1::el7
/
jbcs-httpd24-mod_ldap
Package
Name
jbcs-httpd24-mod_ldap
Purl
pkg:rpm/redhat/jbcs-httpd24-mod_ldap
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.57-5.el7jbcs
Red Hat:jboss_core_services:1::el7
/
jbcs-httpd24-mod_proxy_html
Package
Name
jbcs-httpd24-mod_proxy_html
Purl
pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:2.4.57-5.el7jbcs
Red Hat:jboss_core_services:1::el7
/
jbcs-httpd24-mod_session
Package
Name
jbcs-httpd24-mod_session
Purl
pkg:rpm/redhat/jbcs-httpd24-mod_session
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.57-5.el7jbcs
Red Hat:jboss_core_services:1::el7
/
jbcs-httpd24-mod_ssl
Package
Name
jbcs-httpd24-mod_ssl
Purl
pkg:rpm/redhat/jbcs-httpd24-mod_ssl
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:2.4.57-5.el7jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-httpd
Package
Name
jbcs-httpd24-httpd
Purl
pkg:rpm/redhat/jbcs-httpd24-httpd
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.57-5.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-httpd-debuginfo
Package
Name
jbcs-httpd24-httpd-debuginfo
Purl
pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.57-5.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-httpd-devel
Package
Name
jbcs-httpd24-httpd-devel
Purl
pkg:rpm/redhat/jbcs-httpd24-httpd-devel
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.57-5.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-httpd-manual
Package
Name
jbcs-httpd24-httpd-manual
Purl
pkg:rpm/redhat/jbcs-httpd24-httpd-manual
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.57-5.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-httpd-selinux
Package
Name
jbcs-httpd24-httpd-selinux
Purl
pkg:rpm/redhat/jbcs-httpd24-httpd-selinux
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.57-5.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-httpd-tools
Package
Name
jbcs-httpd24-httpd-tools
Purl
pkg:rpm/redhat/jbcs-httpd24-httpd-tools
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.57-5.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-httpd-tools-debuginfo
Package
Name
jbcs-httpd24-httpd-tools-debuginfo
Purl
pkg:rpm/redhat/jbcs-httpd24-httpd-tools-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.57-5.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-mod_ldap
Package
Name
jbcs-httpd24-mod_ldap
Purl
pkg:rpm/redhat/jbcs-httpd24-mod_ldap
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.57-5.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-mod_ldap-debuginfo
Package
Name
jbcs-httpd24-mod_ldap-debuginfo
Purl
pkg:rpm/redhat/jbcs-httpd24-mod_ldap-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.57-5.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-mod_proxy_html
Package
Name
jbcs-httpd24-mod_proxy_html
Purl
pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:2.4.57-5.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-mod_proxy_html-debuginfo
Package
Name
jbcs-httpd24-mod_proxy_html-debuginfo
Purl
pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:2.4.57-5.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-mod_session
Package
Name
jbcs-httpd24-mod_session
Purl
pkg:rpm/redhat/jbcs-httpd24-mod_session
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.57-5.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-mod_session-debuginfo
Package
Name
jbcs-httpd24-mod_session-debuginfo
Purl
pkg:rpm/redhat/jbcs-httpd24-mod_session-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.57-5.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-mod_ssl
Package
Name
jbcs-httpd24-mod_ssl
Purl
pkg:rpm/redhat/jbcs-httpd24-mod_ssl
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:2.4.57-5.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-mod_ssl-debuginfo
Package
Name
jbcs-httpd24-mod_ssl-debuginfo
Purl
pkg:rpm/redhat/jbcs-httpd24-mod_ssl-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:2.4.57-5.el8jbcs
Red Hat:jboss_core_services:1::el7
/
jbcs-httpd24-mod_security
Package
Name
jbcs-httpd24-mod_security
Purl
pkg:rpm/redhat/jbcs-httpd24-mod_security
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.9.3-29.el7jbcs
Red Hat:jboss_core_services:1::el7
/
jbcs-httpd24-mod_security-debuginfo
Package
Name
jbcs-httpd24-mod_security-debuginfo
Purl
pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.9.3-29.el7jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-mod_security
Package
Name
jbcs-httpd24-mod_security
Purl
pkg:rpm/redhat/jbcs-httpd24-mod_security
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.9.3-29.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-mod_security-debuginfo
Package
Name
jbcs-httpd24-mod_security-debuginfo
Purl
pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.9.3-29.el8jbcs
Red Hat:jboss_core_services:1::el7
/
jbcs-httpd24-curl
Package
Name
jbcs-httpd24-curl
Purl
pkg:rpm/redhat/jbcs-httpd24-curl
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.2.1-1.el7jbcs
Red Hat:jboss_core_services:1::el7
/
jbcs-httpd24-curl-debuginfo
Package
Name
jbcs-httpd24-curl-debuginfo
Purl
pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.2.1-1.el7jbcs
Red Hat:jboss_core_services:1::el7
/
jbcs-httpd24-libcurl
Package
Name
jbcs-httpd24-libcurl
Purl
pkg:rpm/redhat/jbcs-httpd24-libcurl
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.2.1-1.el7jbcs
Red Hat:jboss_core_services:1::el7
/
jbcs-httpd24-libcurl-devel
Package
Name
jbcs-httpd24-libcurl-devel
Purl
pkg:rpm/redhat/jbcs-httpd24-libcurl-devel
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.2.1-1.el7jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-curl
Package
Name
jbcs-httpd24-curl
Purl
pkg:rpm/redhat/jbcs-httpd24-curl
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.2.1-1.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-curl-debuginfo
Package
Name
jbcs-httpd24-curl-debuginfo
Purl
pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.2.1-1.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-libcurl
Package
Name
jbcs-httpd24-libcurl
Purl
pkg:rpm/redhat/jbcs-httpd24-libcurl
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.2.1-1.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-libcurl-debuginfo
Package
Name
jbcs-httpd24-libcurl-debuginfo
Purl
pkg:rpm/redhat/jbcs-httpd24-libcurl-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.2.1-1.el8jbcs
Red Hat:jboss_core_services:1::el8
/
jbcs-httpd24-libcurl-devel
Package
Name
jbcs-httpd24-libcurl-devel
Purl
pkg:rpm/redhat/jbcs-httpd24-libcurl-devel
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.2.1-1.el8jbcs
RHSA-2023:4629 - OSV