Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2019:1543
HistoryJun 18, 2019 - 7:07 p.m.

(RHSA-2019:1543) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP2 security update

2019-06-1819:07:29
access.redhat.com
158

0.974 High

EPSS

Percentile

99.9%

JSON

This release adds the new Apache HTTP Server 2.4.29 Service Pack 2 packages that are part of the JBoss Core Services offering.

This release serves as a replacement for Red Hat JBoss Core Services
Apache HTTP Server 2.4.29 SP1, and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes, enhancements and component upgrades included in this release.

Security Fix(es):

  • openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)

  • openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732)

  • libxml2: NULL pointer dereference in xpath.c:xmlXPathCompOpEval() can allow attackers to cause a denial of service (CVE-2018-14404)

  • curl: Out-of-bounds read in code handling HTTP/2 trailers (CVE-2018-1000005)

  • curl: HTTP authentication leak in redirects (CVE-2018-1000007)

  • curl: FTP path trickery leads to NIL byte out of bounds write (CVE-2018-1000120)

  • curl: RTSP RTP buffer over-read (CVE-2018-1000122)

  • httpd: privilege escalation from modules scripts (CVE-2019-0211)

Details around these issues, including information about CVEs, severity of the issues, and CVSS scores can be found on the CVE pages listed in the References section below.

Related

nessus 64
openvas 38
gentoo 2
fedora 11
ibm 11
archlinux 21
amazon 7
cloudfoundry 4
debian 6
altlinux 4
osv 5
slackware 4
oraclelinux 2
centos 1
redhat 6
suse 4
ubuntu 5
photon 2
freebsd 2
nessus
nessus
SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2019:0339-1)
2019-02-13 00:00:00
GLSA-201804-04 : cURL: Multiple vulnerabilities
2018-04-10 00:00:00
GLSA-201903-03 : cURL: Multiple vulnerabilities
2019-03-11 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2019:0339-1)
2021-04-19 00:00:00
Fedora Update for curl FEDORA-2019-43489941ff
2019-05-07 00:00:00
Fedora Update for curl FEDORA-2019-697de0501f
2019-06-10 00:00:00
gentoo
gentoo
cURL: Multiple vulnerabilities
2018-04-08 00:00:00
cURL: Multiple vulnerabilities
2019-03-10 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: curl-7.61.1-8.fc29
2019-02-12 02:58:21
[SECURITY] Fedora 29 Update: curl-7.61.1-11.fc29
2019-06-09 02:58:45
[SECURITY] Fedora 29 Update: curl-7.61.1-5.fc29
2018-11-17 05:17:14
ibm
ibm
Security Bulletin: IBM Event Streams is affected by cURL vulnerabilities
2018-12-17 16:15:01
Security Bulletin: Vulnerabilities in curl affect PowerKVM
2018-12-17 14:20:01
Security Bulletin: Vulnerabilities in cURL affect IBM BladeCenter Advanced Management Module (AMM)
2018-10-03 21:15:01
archlinux
archlinux
[ASA-201803-17] libcurl-compat: multiple issues
2018-03-19 00:00:00
[ASA-201803-16] lib32-curl: multiple issues
2018-03-19 00:00:00
[ASA-201803-19] libcurl-gnutls: multiple issues
2018-03-19 00:00:00
amazon
amazon
Medium: curl
2018-04-19 04:55:00
Low: curl
2019-01-21 23:46:00
Medium: nss-pem
2019-01-07 21:51:00
cloudfoundry
cloudfoundry
USN-3598-1: curl vulnerabilities | Cloud Foundry
2018-04-04 00:00:00
USN-3805-1: curl vulnerabilities | Cloud Foundry
2018-11-20 00:00:00
USN-3882-1: curl vulnerabilities | Cloud Foundry
2019-02-15 00:00:00
debian
debian
[SECURITY] [DSA 4136-1] curl security update
2018-03-14 21:36:51
[SECURITY] [DLA 1309-1] curl security update
2018-03-18 21:22:09
[SECURITY] [DSA 4386-1] curl security update
2019-02-06 22:36:32
altlinux
altlinux
Security fix for the ALT Linux 8 package curl version 7.62.0-alt1
2018-10-31 00:00:00
Security fix for the ALT Linux 8 package curl version 7.59.0-alt1
2018-03-31 00:00:00
Security fix for the ALT Linux 8 package curl version 7.64.0-alt1
2019-02-08 00:00:00
osv
osv
curl - security update
2018-03-14 00:00:00
curl - security update
2018-03-18 00:00:00
curl - security update
2019-02-06 00:00:00
slackware
slackware
[slackware-security] curl
2018-03-16 04:18:28
[slackware-security] curl
2018-11-01 00:03:28
[slackware-security] curl
2019-02-06 23:59:25
oraclelinux
oraclelinux
curl and nss-pem security and bug fix update
2018-11-05 00:00:00
curl security and bug fix update
2019-11-14 00:00:00
centos
centos
curl, libcurl, nss security update
2018-11-15 18:44:09
redhat
redhat
(RHSA-2020:0594) Moderate: curl security update
2020-02-25 11:32:48
(RHSA-2020:0544) Moderate: curl security update
2020-02-18 13:56:21
(RHSA-2018:3157) Moderate: curl and nss-pem security and bug fix update
2018-10-30 04:24:21
suse
suse
Security update for curl (moderate)
2018-11-10 00:22:19
Security update for curl (important)
2019-02-14 00:00:00
Security update for curl (important)
2019-02-14 00:00:00
ubuntu
ubuntu
curl vulnerabilities
2018-10-31 00:00:00
curl vulnerabilities
2018-03-15 00:00:00
curl vulnerabilities
2019-02-06 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0124
2018-04-13 00:00:00
Critical Photon OS Security Update - PHSA-2018-0124
2018-04-13 00:00:00
freebsd
freebsd
curl -- multiple vulnerabilities
2019-02-07 00:00:00
curl -- multiple vulnerabilities
2018-10-31 00:00:00

0.974 High

EPSS

Percentile

99.9%

JSON
Related for RHSA-2019:1543
nessus64openvas38gentoo2fedora11ibm11archlinux21amazon7cloudfoundry4debian6altlinux4osv5slackware4oraclelinux2centos1redhat6suse4ubuntu5photon2freebsd2