Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2022-6753.NASL
HistorySep 29, 2022 - 12:00 a.m.

RHEL 7 : httpd24-httpd (RHSA-2022:6753)

2022-09-2900:00:00
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
75

9.3 High

AI Score

Confidence

Low

JSON

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6753 advisory.

  • httpd: Request splitting via HTTP/2 method injection and mod_proxy (CVE-2021-33193)

  • httpd: NULL pointer dereference via malformed requests (CVE-2021-34798)

  • httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path (CVE-2021-36160)

  • httpd: Out-of-bounds write in ap_escape_quotes() via malicious input (CVE-2021-39275)

  • httpd: possible NULL dereference or SSRF in forward proxy configurations (CVE-2021-44224)

  • httpd: mod_lua: Use of uninitialized value of in r:parsebody (CVE-2022-22719)

  • httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody (CVE-2022-22721)

  • httpd: mod_sed: Read/write beyond bounds (CVE-2022-23943)

  • httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-26377)

  • httpd: Out-of-bounds read via ap_rwrite() (CVE-2022-28614)

  • httpd: Out-of-bounds read in ap_strcmp_match() (CVE-2022-28615)

  • httpd: mod_lua: DoS in r:parsebody (CVE-2022-29404)

  • httpd: mod_sed: DoS vulnerability (CVE-2022-30522)

  • httpd: mod_lua: Information disclosure with websockets (CVE-2022-30556)

  • httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism (CVE-2022-31813)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2022:6753. The text
# itself is copyright (C) Red Hat, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(165553);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/28");

  script_cve_id(
    "CVE-2021-33193",
    "CVE-2021-34798",
    "CVE-2021-36160",
    "CVE-2021-39275",
    "CVE-2021-44224",
    "CVE-2022-22719",
    "CVE-2022-22721",
    "CVE-2022-23943",
    "CVE-2022-26377",
    "CVE-2022-28614",
    "CVE-2022-28615",
    "CVE-2022-29404",
    "CVE-2022-30522",
    "CVE-2022-30556",
    "CVE-2022-31813"
  );
  script_xref(name:"RHSA", value:"2022:6753");

  script_name(english:"RHEL 7 : httpd24-httpd (RHSA-2022:6753)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates for httpd24-httpd.");
  script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2022:6753 advisory.

  - httpd: Request splitting via HTTP/2 method injection and mod_proxy (CVE-2021-33193)

  - httpd: NULL pointer dereference via malformed requests (CVE-2021-34798)

  - httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path (CVE-2021-36160)

  - httpd: Out-of-bounds write in ap_escape_quotes() via malicious input (CVE-2021-39275)

  - httpd: possible NULL dereference or SSRF in forward proxy configurations (CVE-2021-44224)

  - httpd: mod_lua: Use of uninitialized value of in r:parsebody (CVE-2022-22719)

  - httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody (CVE-2022-22721)

  - httpd: mod_sed: Read/write beyond bounds (CVE-2022-23943)

  - httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-26377)

  - httpd: Out-of-bounds read via ap_rwrite() (CVE-2022-28614)

  - httpd: Out-of-bounds read in ap_strcmp_match() (CVE-2022-28615)

  - httpd: mod_lua: DoS in r:parsebody (CVE-2022-29404)

  - httpd: mod_sed: DoS vulnerability (CVE-2022-30522)

  - httpd: mod_lua: Information disclosure with websockets (CVE-2022-30556)

  - httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism (CVE-2022-31813)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  # https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_6753.json
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?bd5a0b9d");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/articles/6975397");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#moderate");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2022:6753");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1966728");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2005119");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2005124");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2005128");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2034672");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2064319");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2064320");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2064322");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2094997");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2095002");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2095006");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2095012");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2095015");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2095018");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2095020");
  script_set_attribute(attribute:"solution", value:
"Update the RHEL httpd24-httpd package based on the guidance in RHSA-2022:6753.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-31813");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(125, 200, 348, 444, 476, 770, 787, 789, 908, 918);
  script_set_attribute(attribute:"vendor_severity", value:"Moderate");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/08/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/09/29");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/09/29");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd24-httpd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd24-httpd-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd24-httpd-manual");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd24-httpd-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd24-mod_ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd24-mod_proxy_html");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd24-mod_session");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd24-mod_ssl");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Red Hat Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm.inc');
include('rhel.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);

var constraints = [
  {
    'repo_relative_urls': [
      'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/debug',
      'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/os',
      'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/source/SRPMS',
      'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/debug',
      'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/os',
      'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/source/SRPMS',
      'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/debug',
      'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/os',
      'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/source/SRPMS',
      'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/debug',
      'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/os',
      'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/source/SRPMS',
      'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/debug',
      'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/os',
      'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/source/SRPMS',
      'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/debug',
      'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/os',
      'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/source/SRPMS',
      'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/debug',
      'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/os',
      'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/source/SRPMS'
    ],
    'pkgs': [
      {'reference':'httpd24-httpd-2.4.34-23.el7.5', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'httpd24-httpd-2.4.34-23.el7.5', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'httpd24-httpd-2.4.34-23.el7.5', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'httpd24-httpd-devel-2.4.34-23.el7.5', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'httpd24-httpd-devel-2.4.34-23.el7.5', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'httpd24-httpd-devel-2.4.34-23.el7.5', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'httpd24-httpd-manual-2.4.34-23.el7.5', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'httpd24-httpd-tools-2.4.34-23.el7.5', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'httpd24-httpd-tools-2.4.34-23.el7.5', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'httpd24-httpd-tools-2.4.34-23.el7.5', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'httpd24-mod_ldap-2.4.34-23.el7.5', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'httpd24-mod_ldap-2.4.34-23.el7.5', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'httpd24-mod_ldap-2.4.34-23.el7.5', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'httpd24-mod_proxy_html-2.4.34-23.el7.5', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'httpd24-mod_proxy_html-2.4.34-23.el7.5', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'httpd24-mod_proxy_html-2.4.34-23.el7.5', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'httpd24-mod_session-2.4.34-23.el7.5', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'httpd24-mod_session-2.4.34-23.el7.5', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'httpd24-mod_session-2.4.34-23.el7.5', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'httpd24-mod_ssl-2.4.34-23.el7.5', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'httpd24-mod_ssl-2.4.34-23.el7.5', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'httpd24-mod_ssl-2.4.34-23.el7.5', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}
    ]
  }
];

var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);

var flag = 0;
foreach var constraint_array ( constraints ) {
  var repo_relative_urls = NULL;
  if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
  foreach var pkg ( constraint_array['pkgs'] ) {
    var reference = NULL;
    var _release = NULL;
    var sp = NULL;
    var _cpu = NULL;
    var el_string = NULL;
    var rpm_spec_vers_cmp = NULL;
    var epoch = NULL;
    var allowmaj = NULL;
    var exists_check = NULL;
    var cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        _release &&
        rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
        (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
        rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  var extra = NULL;
  if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
  else extra = rpm_report_get();
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : extra
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'httpd24-httpd / httpd24-httpd-devel / httpd24-httpd-manual / etc');
}
VendorProductVersionCPE
redhatenterprise_linux7cpe:/o:redhat:enterprise_linux:7
redhatenterprise_linuxhttpd24-httpdp-cpe:/a:redhat:enterprise_linux:httpd24-httpd
redhatenterprise_linuxhttpd24-httpd-develp-cpe:/a:redhat:enterprise_linux:httpd24-httpd-devel
redhatenterprise_linuxhttpd24-httpd-manualp-cpe:/a:redhat:enterprise_linux:httpd24-httpd-manual
redhatenterprise_linuxhttpd24-httpd-toolsp-cpe:/a:redhat:enterprise_linux:httpd24-httpd-tools
redhatenterprise_linuxhttpd24-mod_ldapp-cpe:/a:redhat:enterprise_linux:httpd24-mod_ldap
redhatenterprise_linuxhttpd24-mod_proxy_htmlp-cpe:/a:redhat:enterprise_linux:httpd24-mod_proxy_html
redhatenterprise_linuxhttpd24-mod_sessionp-cpe:/a:redhat:enterprise_linux:httpd24-mod_session
redhatenterprise_linuxhttpd24-mod_sslp-cpe:/a:redhat:enterprise_linux:httpd24-mod_ssl

References

Related

oraclelinux 3
redhat 5
rocky 3
nessus 70
osv 14
almalinux 3
openvas 52
fedora 2
ubuntu 6
suse 4
ibm 9
altlinux 6
gentoo 1
freebsd 2
amazon 3
redos 2
slackware 2
kaspersky 2
mageia 2
photon 4
rosalinux 2
cloudlinux 1
cisco 1
oraclelinux
oraclelinux
httpd security, bug fix, and enhancement update
2022-11-22 00:00:00
httpd:2.4 security update
2022-11-15 00:00:00
httpd:2.4 security and bug fix update
2022-05-17 00:00:00
redhat
redhat
(RHSA-2022:7647) Moderate: httpd:2.4 security update
2022-11-08 06:25:28
(RHSA-2022:6753) Moderate: httpd24-httpd security and bug fix update
2022-09-29 13:20:41
(RHSA-2022:8067) Moderate: httpd security, bug fix, and enhancement update
2022-11-15 06:14:59
rocky
rocky
httpd:2.4 security update
2022-11-08 06:25:28
httpd security, bug fix, and enhancement update
2022-11-15 06:14:59
httpd:2.4 security and bug fix update
2022-05-10 08:07:40
nessus
nessus
RHEL 8 : httpd:2.4 (RHSA-2022:7647)
2022-11-09 00:00:00
RHEL 9 : httpd (RHSA-2022:8067)
2022-11-15 00:00:00
CentOS 8 : httpd:2.4 (CESA-2022:7647)
2022-11-09 00:00:00
osv
osv
Moderate: httpd:2.4 security update
2022-11-08 06:25:28
Moderate: httpd security, bug fix, and enhancement update
2022-11-15 00:00:00
Moderate: httpd:2.4 security update
2022-11-08 00:00:00
almalinux
almalinux
Moderate: httpd:2.4 security update
2022-11-08 00:00:00
Moderate: httpd security, bug fix, and enhancement update
2022-11-15 00:00:00
Moderate: httpd:2.4 security and bug fix update
2022-05-10 08:07:40
openvas
openvas
openSUSE: Security Advisory for apache2 (SUSE-SU-2022:2302-1)
2022-07-07 00:00:00
Ubuntu: Security Advisory (USN-5487-2)
2022-08-26 00:00:00
Ubuntu: Security Advisory (USN-5487-1)
2022-06-22 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: httpd-2.4.54-3.fc36
2022-07-01 01:09:46
[SECURITY] Fedora 35 Update: httpd-2.4.54-1.fc35
2022-07-06 01:54:10
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2022-06-21 00:00:00
Apache HTTP Server regression
2022-06-23 00:00:00
Apache HTTP Server regression
2022-06-23 00:00:00
suse
suse
Security update for apache2 (important)
2022-07-06 00:00:00
Security update for apache2 (important)
2022-07-08 00:00:00
Security update for apache2 (important)
2021-11-02 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server
2022-07-25 15:18:21
Security Bulletin: IBM Security SiteProtector System is affected by multiple Apache HTTP Server Vulnerabilities
2022-08-08 08:16:32
Security Bulletin: Multiple Vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server
2022-06-16 17:12:43
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 1:2.4.54-alt1
2022-06-21 00:00:00
Security fix for the ALT Linux 9 package apache2 version 1:2.4.54-alt1
2022-06-19 00:00:00
Security fix for the ALT Linux 9 package apache2 version 1:2.4.49-alt1
2021-09-23 00:00:00
gentoo
gentoo
Apache HTTPD: Multiple Vulnerabilities
2022-08-14 00:00:00
freebsd
freebsd
Apache httpd -- Multiple vulnerabilities
2022-06-08 00:00:00
Apache httpd -- multiple vulnerabilities
2021-09-16 00:00:00
amazon
amazon
Medium: httpd24
2022-06-30 23:38:00
Medium: httpd
2022-07-06 03:12:00
Important: httpd24
2022-04-26 17:12:00
redos
redos
ROS-20220628-01
2022-06-28 00:00:00
ROS-20220317-01
2022-03-17 00:00:00
slackware
slackware
[slackware-security] httpd
2022-06-08 19:24:07
[slackware-security] httpd
2021-09-17 04:22:20
kaspersky
kaspersky
KLA12554 Multiple vulnerabilities in Apache HTTP Server
2022-06-08 00:00:00
KLA12370 Multiple vulnerabilities in Apache HTTP Server
2021-09-16 00:00:00
mageia
mageia
Updated apache packages fix security vulnerability
2022-06-13 23:44:20
Updated apache packages fix security vulnerability
2021-09-23 07:49:29
photon
photon
Critical Photon OS Security Update - PHSA-2022-0202
2022-06-22 00:00:00
Critical Photon OS Security Update - PHSA-2022-0489
2022-06-22 00:00:00
Critical Photon OS Security Update - PHSA-2022-0409
2022-06-23 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2160
2023-04-25 12:02:31
Advisory ROSA-SA-2023-2161
2023-05-03 11:17:19
cloudlinux
cloudlinux
Fixed CVEs in httpd: CVE-2022-31813, CVE-2022-28615, CVE-2022-26377
2022-06-28 20:14:01
cisco
cisco
Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021
2021-11-24 16:00:00

9.3 High

AI Score

Confidence

Low

JSON
Related for REDHAT-RHSA-2022-6753.NASL
oraclelinux3redhat5rocky3nessus70osv14almalinux3openvas52fedora2ubuntu6suse4ibm9altlinux6gentoo1freebsd2amazon3redos2slackware2kaspersky2mageia2photon4rosalinux2cloudlinux1cisco1