httpd security update

🗓️ 18 Jan 2022 00:00:00Reported by OracleLinuxType

oraclelinux

oraclelinux🔗 linux.oracle.com👁 73 Views

httpd security update [2.4.6-97.0.5.4, 2.4.6-97.4, 2.4.6-97.3

Reporter	Title	Published	Views	Family All 710
IBM Security Bulletins	Security Bulletin: Vulnerability in IBM HTTP Server used by WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On (CVE-2021-39275)	1 Oct 202102:49	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-31618, CVE-2020-13950, CVE-2019-17567, CVE-2020-26691, CVE-2021-26690, CVE-2020-13938, CVE-2021-30641, CVE-2020-35452)	29 Apr 202502:10	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 9.0.1	16 Nov 202315:21	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Network Manager IP Edition (CVE-2021-39275)	18 Oct 202106:25	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2021-39275, CVE-2021-40438, CVE-2021-34798)	8 Nov 202104:06	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in IBM HTTP Server used by WebSphere Application Server	29 Sep 202119:33	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Network Manager IP Edition (CVE-2021-44790, CVE-2021-44224)	1 Apr 202210:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Rational Build Forge is affected by Apache HTTP Server version used in it. (CVE-2021-44790)	2 Mar 202214:54	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2021-44790, CVE-2021-44224)	16 Mar 202208:32	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Apache HTTP (CVE-2021-34798 and CVE-2021-39275) affects Power HMC	30 May 202211:54	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
oracle linux	7	src	httpd	2.4.6-97.0.5.el7_9.4	httpd-2.4.6-97.0.5.el7_9.4.src.rpm
oracle linux	7	aarch64	httpd	2.4.6-97.0.5.el7_9.4	httpd-2.4.6-97.0.5.el7_9.4.aarch64.rpm
oracle linux	7	aarch64	httpd-devel	2.4.6-97.0.5.el7_9.4	httpd-devel-2.4.6-97.0.5.el7_9.4.aarch64.rpm
oracle linux	7	noarch	httpd-manual	2.4.6-97.0.5.el7_9.4	httpd-manual-2.4.6-97.0.5.el7_9.4.noarch.rpm
oracle linux	7	aarch64	httpd-tools	2.4.6-97.0.5.el7_9.4	httpd-tools-2.4.6-97.0.5.el7_9.4.aarch64.rpm
oracle linux	7	aarch64	mod_ldap	2.4.6-97.0.5.el7_9.4	mod_ldap-2.4.6-97.0.5.el7_9.4.aarch64.rpm
oracle linux	7	aarch64	mod_proxy_html	2.4.6-97.0.5.el7_9.4	mod_proxy_html-2.4.6-97.0.5.el7_9.4.aarch64.rpm
oracle linux	7	aarch64	mod_session	2.4.6-97.0.5.el7_9.4	mod_session-2.4.6-97.0.5.el7_9.4.aarch64.rpm
oracle linux	7	aarch64	mod_ssl	2.4.6-97.0.5.el7_9.4	mod_ssl-2.4.6-97.0.5.el7_9.4.aarch64.rpm
oracle linux	7	src	httpd	2.4.6-97.0.5.el7_9.4	httpd-2.4.6-97.0.5.el7_9.4.src.rpm

18 Jan 2022 00:00Current

2.7Low risk

Vulners AI Score2.7

CVSS 27.5

CVSS 3.19.8

EPSS0.86227

mod_session oracle index page null pointer dereference out-of-bounds write heap overflow buffer overflow mod_lua