httpd:2.4 security update

🗓️ 01 Jun 2026 18:02:48Reported by Rockylinux Product ErrataType

Security update for Rocky Linux 8 httpd fixes CVEs including HTTP/2 memory-based denial of service, AJP buffer overreads, null dereference, and code execution.

Reporter	Title	Published	Views	Family All 390
GithubExploit	Exploit for Missing Release of Memory after Effective Lifetime in Apache Http_Server	12 Jan 202608:14	–	githubexploit
FreeBSD	www/apache24 -- Multiple vulnerabilities	4 May 202600:00	–	freebsd
FreeBSD	Apache httpd -- Multiple vulnerabilities	10 Jul 202500:00	–	freebsd
FreeBSD	mod_http2 -- Multiple vulnerabilities	10 Jul 202500:00	–	freebsd
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM DevOps Code ClearCase [CVE-2026-24072, CVE-2026-28780, CVE-2026-34059, CVE-2026-33523, CVE-2026-41080, CVE-2026-33857, CVE-2026-34032]	22 May 202605:57	–	ibm
IBM Security Bulletins	Security Bulletin: IBM HTTP Server is affected by multiple vulnerabilities	11 May 202622:12	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities have been identified in IBM HTTP Server shipped with IBM WebSphere Remote Server	18 May 202615:31	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which are vulnerable to CVEs.	3 Nov 202509:06	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities within IBM HTTP Server, affect IBM Tivoli Monitoring.	8 Jun 202616:44	–	ibm
ATTACKERKB	CVE-2026-34032	4 May 202612:54	–	attackerkb

OS	OS Version	Architecture	Package	Package Version	Filename
Rocky Linux	8	x86_64	httpd	0:2.4.37-65.module+el8.10.0+1830+22f0c9e0	httpd-0:2.4.37-65.module+el8.10.0+1830+22f0c9e0.x86_64.rpm
Rocky Linux	8	x86_64	httpd	0:2.4.37-65.module+el8.10.0+1840+b070a976.1	httpd-0:2.4.37-65.module+el8.10.0+1840+b070a976.1.x86_64.rpm
Rocky Linux	8	x86_64	httpd	0:2.4.37-65.module+el8.10.0+1842+4a9649e8.2	httpd-0:2.4.37-65.module+el8.10.0+1842+4a9649e8.2.x86_64.rpm
Rocky Linux	8	x86_64	httpd	0:2.4.37-65.module+el8.10.0+1938+3b7755d4.3	httpd-0:2.4.37-65.module+el8.10.0+1938+3b7755d4.3.x86_64.rpm
Rocky Linux	8	x86_64	httpd	0:2.4.37-65.module+el8.10.0+1984+1bed3124.4	httpd-0:2.4.37-65.module+el8.10.0+1984+1bed3124.4.x86_64.rpm
Rocky Linux	8	x86_64	httpd	0:2.4.37-65.module+el8.10.0+2061+8d03fdec.5	httpd-0:2.4.37-65.module+el8.10.0+2061+8d03fdec.5.x86_64.rpm
Rocky Linux	8	x86_64	httpd	0:2.4.37-65.module+el8.10.0+40045+6ce8579b.6	httpd-0:2.4.37-65.module+el8.10.0+40045+6ce8579b.6.x86_64.rpm
Rocky Linux	8	x86_64	httpd	0:2.4.37-65.module+el8.10.0+40053+5a18018e.7	httpd-0:2.4.37-65.module+el8.10.0+40053+5a18018e.7.x86_64.rpm
Rocky Linux	8	x86_64	httpd	0:2.4.37-65.module+el8.10.0+40197+0231e209.8	httpd-0:2.4.37-65.module+el8.10.0+40197+0231e209.8.x86_64.rpm
Rocky Linux	8	x86_64	httpd	0:2.4.37-65.module+el8.10.0+40206+be2c8a50.8	httpd-0:2.4.37-65.module+el8.10.0+40206+be2c8a50.8.x86_64.rpm

01 Jun 2026 18:02Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.19.8

EPSS0.04409

SSVC