Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2024:5138

Опубликовано: 21 авг. 2024
Источник: rocky
Оценка: Important

Описание

Important: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

Security Fix(es):

  • httpd: Security issues via?backend applications whose response headers are malicious or exploitable (CVE-2024-38476)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 9

НаименованиеАрхитектураРелизRPM
httpdx86_6411.el9_4.1httpd-2.4.57-11.el9_4.1.x86_64.rpm
httpd-corex86_6411.el9_4.1httpd-core-2.4.57-11.el9_4.1.x86_64.rpm
httpd-develx86_6411.el9_4.1httpd-devel-2.4.57-11.el9_4.1.x86_64.rpm
httpd-filesystemnoarch11.el9_4.1httpd-filesystem-2.4.57-11.el9_4.1.noarch.rpm
httpd-manualnoarch11.el9_4.1httpd-manual-2.4.57-11.el9_4.1.noarch.rpm
httpd-toolsx86_6411.el9_4.1httpd-tools-2.4.57-11.el9_4.1.x86_64.rpm
mod_ldapx86_6411.el9_4.1mod_ldap-2.4.57-11.el9_4.1.x86_64.rpm
mod_luax86_6411.el9_4.1mod_lua-2.4.57-11.el9_4.1.x86_64.rpm
mod_proxy_htmlx86_6411.el9_4.1mod_proxy_html-2.4.57-11.el9_4.1.x86_64.rpm
mod_sessionx86_6411.el9_4.1mod_session-2.4.57-11.el9_4.1.x86_64.rpm

Показывать по

Связанные CVE

CVE-2024-38476

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2024-38476

CVSS3: 9.8
ubuntu
12 месяцев назад

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue.

redhat логотип

CVE-2024-38476

CVSS3: 9.1
redhat
12 месяцев назад

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue.

nvd логотип

CVE-2024-38476

CVSS3: 9.8
nvd
12 месяцев назад

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue.

debian логотип

CVE-2024-38476

CVSS3: 9.8
debian
12 месяцев назад

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vul ...

suse-cvrf логотип

SUSE-SU-2024:2560-1

suse-cvrf
11 месяцев назад

Security update for apache2