jbcs-httpd24-mod_md vulnerabilities

Known vulnerabilities in the jbcs-httpd24-mod_md package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Incorrect Default Permissions	<1:2.4.24-13.el7jbcs
M Improper Input Validation	<1:2.4.24-13.el7jbcs
H Use After Free	<1:2.0.8-36.jbcs.el7
M Detection of Error Condition Without Action	<1:2.4.24-6.el7jbcs
M Resource Exhaustion	<1:2.4.24-6.el7jbcs
M Improper Validation of Certificate with Host Mismatch	<1:2.4.24-6.el7jbcs
M Missing Release of Resource after Effective Lifetime	<1:2.4.24-6.el7jbcs
M Improper Certificate Validation	<1:2.4.24-6.el7jbcs
M Misinterpretation of Input	<1:2.4.24-6.el7jbcs
H Inclusion of Functionality from Untrusted Control Sphere	<1:2.4.24-11.el7jbcs
H Improper Encoding or Escaping of Output	<1:2.4.24-11.el7jbcs
H Server-Side Request Forgery (SSRF)	<1:2.0.8-38.jbcs.el7
M Out-of-Bounds	<1:2.0.8-40.jbcs.el7
M Out-of-bounds Read	<1:2.0.8-40.jbcs.el7
M Incorrect Calculation of Buffer Size	<1:2.0.8-30.jbcs.el7
H Allocation of Resources Without Limits or Throttling	<1:2.0.8-24.jbcs.el7
L Use After Free	<1:2.0.8-10.jbcs.el7
H Use After Free	<1:2.0.8-41.jbcs.el7
H HTTP Request Smuggling	<1:2.0.8-41.jbcs.el7
H Out-of-bounds Write	<1:2.0.8-41.jbcs.el7
H Inclusion of Functionality from Untrusted Control Sphere	<1:2.4.24-11.el7jbcs
H NULL Pointer Dereference	<1:2.4.24-11.el7jbcs
H Improper Encoding or Escaping of Output	<1:2.4.24-11.el7jbcs
H Improper Encoding or Escaping of Output	<1:2.4.24-11.el7jbcs
H Improper Input Validation	<1:2.4.24-11.el7jbcs
H Improper Encoding or Escaping of Output	<1:2.4.24-11.el7jbcs
M Detection of Error Condition Without Action	<1:2.4.24-6.el7jbcs
M Improper Validation of Certificate with Host Mismatch	<1:2.4.24-6.el7jbcs
M Missing Release of Resource after Effective Lifetime	<1:2.4.24-6.el7jbcs
M Improper Certificate Validation	<1:2.4.24-6.el7jbcs
M Misinterpretation of Input	<1:2.4.24-6.el7jbcs
M Resource Exhaustion	<1:2.4.24-6.el7jbcs
M Improper Certificate Validation	<1:2.0.8-30.jbcs.el7
H HTTP Request Smuggling	<1:2.0.8-41.jbcs.el7
H Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.0.8-41.jbcs.el7
H Use After Free	<1:2.0.8-41.jbcs.el7
H Authentication Bypass	<1:2.0.8-36.jbcs.el7
H Use After Free	<1:2.0.8-36.jbcs.el7
H Information Exposure	<1:2.0.8-36.jbcs.el7
M NULL Pointer Dereference	<1:2.0.8-40.jbcs.el7
M Incorrect Calculation of Buffer Size	<1:2.0.8-30.jbcs.el7
M Information Exposure	<1:2.0.8-40.jbcs.el7
H Server-Side Request Forgery (SSRF)	<1:2.0.8-38.jbcs.el7
M NULL Pointer Dereference	<1:2.0.8-40.jbcs.el7
M Out-of-bounds Read	<1:2.0.8-40.jbcs.el7
M Resource Exhaustion	<1:2.0.8-30.jbcs.el7
M Out-of-Bounds	<1:2.0.8-30.jbcs.el7
H Insufficient Session Expiration	<0:2.4.37-33.jbcs.el7
H Improper Certificate Validation	<1:2.0.8-36.jbcs.el7
H Improper Certificate Validation	<1:2.0.8-33.jbcs.el7
H NULL Pointer Dereference	<1:2.0.8-33.jbcs.el7
H HTTP Request Smuggling	<1:2.0.8-24.jbcs.el7
H Use After Free	<1:2.0.8-24.jbcs.el7
H Resource Exhaustion	<0:2.4.37-33.jbcs.el7
H Memory Leak	<1:2.0.8-24.jbcs.el7
H Allocation of Resources Without Limits or Throttling	<1:2.0.8-24.jbcs.el7
L Use After Free	<1:2.0.8-10.jbcs.el7
H Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.0.8-24.jbcs.el7
H Resource Exhaustion	<1:2.0.8-41.jbcs.el7
L NULL Pointer Dereference	<1:2.0.8-31.jbcs.el7
H NULL Pointer Dereference	<1:2.0.8-41.jbcs.el7
H Out-of-bounds Write	<1:2.0.8-41.jbcs.el7
H Use After Free	<1:2.0.8-41.jbcs.el7
H Use After Free	<1:2.0.8-41.jbcs.el7
H Missing Initialization of a Variable	<1:2.0.8-24.jbcs.el7
H Uncontrolled Recursion	<1:2.0.8-36.jbcs.el7
H Information Exposure	<1:2.0.8-36.jbcs.el7
L Heap-based Buffer Overflow	<1:2.0.8-10.jbcs.el7
H Missing Release of Resource after Effective Lifetime	<1:2.0.8-24.jbcs.el7
H Improper Access Control	<0:2.4.37-33.jbcs.el7
L Path Equivalence	<1:2.0.8-10.jbcs.el7
H Resource Exhaustion	<1:2.0.8-24.jbcs.el7
M Integer Overflow or Wraparound	<1:2.0.8-30.jbcs.el7
H Heap-based Buffer Overflow	<1:2.0.8-24.jbcs.el7
H Resource Exhaustion	<0:2.4.37-33.jbcs.el7
H Resource Exhaustion	<0:2.4.37-33.jbcs.el7
H Resource Exhaustion	<0:2.4.37-33.jbcs.el7
H Resource Exhaustion	<0:2.4.37-33.jbcs.el7
H Covert Timing Channel	<0:2.4.37-33.jbcs.el7
H Covert Timing Channel	<0:2.4.37-33.jbcs.el7
M Improper Input Validation	<1:2.0.8-40.jbcs.el7
M Integer Overflow or Wraparound	<1:2.0.8-40.jbcs.el7
M Out-of-Bounds	<1:2.0.8-40.jbcs.el7
M NULL Pointer Dereference	<1:2.0.8-40.jbcs.el7
M NULL Pointer Dereference	<1:2.0.8-40.jbcs.el7
H Information Exposure	<1:2.0.8-36.jbcs.el7
M Out-of-Bounds	<1:2.0.8-40.jbcs.el7
M Integer Overflow or Wraparound	<1:2.0.8-40.jbcs.el7
M Out-of-bounds Read	<1:2.0.8-40.jbcs.el7
M Improper Authentication	<1:2.0.8-40.jbcs.el7
H Information Exposure	<0:2.4.37-33.jbcs.el7

Vulnerability

Vulnerable Version

Incorrect Default Permissions

<1:2.4.24-13.el7jbcs

Improper Input Validation

<1:2.4.24-13.el7jbcs

Use After Free

<1:2.0.8-36.jbcs.el7

Detection of Error Condition Without Action

<1:2.4.24-6.el7jbcs

Resource Exhaustion

<1:2.4.24-6.el7jbcs