jbcs-httpd24-httpd vulnerabilities

Known vulnerabilities in the jbcs-httpd24-httpd package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Incorrect Default Permissions	<0:2.4.57-15.el8jbcs
M Incorrect Default Permissions	<0:2.4.57-15.el8jbcs
M Improper Input Validation	<0:2.4.57-15.el8jbcs
M Improper Input Validation	<0:2.4.57-15.el8jbcs
H Improper Input Validation	<0:2.4.57-13.el8jbcs
H NULL Pointer Dereference	<0:2.4.57-13.el8jbcs
H Inclusion of Functionality from Untrusted Control Sphere	<0:2.4.57-13.el8jbcs
H Improper Encoding or Escaping of Output	<0:2.4.57-13.el8jbcs
H Improper Encoding or Escaping of Output	<0:2.4.57-13.el8jbcs
H Improper Encoding or Escaping of Output	<0:2.4.57-13.el8jbcs
M Detection of Error Condition Without Action	<0:2.4.57-10.el8jbcs
M Resource Exhaustion	<0:2.4.57-10.el8jbcs
M Improper Validation of Certificate with Host Mismatch	<0:2.4.57-10.el8jbcs
M Missing Release of Resource after Effective Lifetime	<0:2.4.57-10.el8jbcs
M Improper Certificate Validation	<0:2.4.57-10.el8jbcs
M Misinterpretation of Input	<0:2.4.57-10.el8jbcs
M Cross-site Scripting (XSS)	<0:2.4.57-9.el8jbcs
M Missing Required Cryptographic Step	<0:2.4.57-9.el8jbcs
M Missing Encryption of Sensitive Data	<0:2.4.57-9.el8jbcs
M Information Exposure	<0:2.4.57-9.el8jbcs
M Out-of-bounds Read	<0:2.4.57-9.el8jbcs
M Expected Behavior Violation	<0:2.4.57-5.el8jbcs
M Use After Free	<0:2.4.57-5.el8jbcs
M Improper Certificate Validation	<0:2.4.57-5.el8jbcs
H Special Element Injection	<0:2.4.51-39.el8jbcs
H Directory Traversal	<0:2.4.51-39.el8jbcs
M HTTP Response Splitting	<0:2.4.57-5.el8jbcs
H HTTP Response Splitting	<0:2.4.51-39.el8jbcs
H Cleartext Transmission of Sensitive Information	<0:2.4.51-39.el8jbcs
H Cleartext Transmission of Sensitive Information	<0:2.4.51-39.el8jbcs
H Allocation of Resources Without Limits or Throttling	<0:2.4.51-39.el8jbcs
M Integer Overflow or Wraparound	<0:2.4.57-5.el8jbcs
H Integer Overflow or Wraparound	<0:2.4.51-39.el8jbcs
H Incorrect Type Conversion or Cast	<0:2.4.51-39.el8jbcs
H Use After Free	<0:2.4.51-39.el8jbcs
H Double Free	<0:2.4.51-39.el8jbcs
H Information Exposure	<0:2.4.51-39.el8jbcs
M Resource Leak	<0:2.4.57-5.el8jbcs
M CVE-2022-48279	<0:2.4.57-5.el8jbcs
M HTTP Response Splitting	<0:2.4.57-5.el8jbcs
M HTTP Request Smuggling	<0:2.4.57-5.el8jbcs
H Out-of-bounds Read	<0:2.4.51-39.el8jbcs
H Cleartext Transmission of Sensitive Information	<0:2.4.51-39.el8jbcs
H Use After Free	<0:2.4.51-39.el8jbcs
M Cleartext Transmission of Sensitive Information	<0:2.4.51-37.el8jbcs
M Double Free	<0:2.4.51-37.el8jbcs
M Expected Behavior Violation	<0:2.4.51-37.el8jbcs
M Improper Validation of Syntactic Correctness of Input	<0:2.4.51-37.el8jbcs
M Improper Enforcement of Message Integrity During Transmission in a Communication Channel	<0:2.4.51-37.el8jbcs
M Allocation of Resources Without Limits or Throttling	<0:2.4.51-37.el8jbcs
M Improper Preservation of Permissions	<0:2.4.51-37.el8jbcs
M Arbitrary Command Injection	<0:2.4.51-37.el8jbcs
M Insufficient Verification of Data Authenticity	<0:2.4.51-37.el8jbcs
M Allocation of Resources Without Limits or Throttling	<0:2.4.51-37.el8jbcs
M Integer Overflow or Wraparound	<0:2.4.51-37.el8jbcs
M Integer Overflow or Wraparound	<0:2.4.51-37.el8jbcs
M HTTP Request Smuggling	<0:2.4.51-37.el8jbcs
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:2.4.51-37.el8jbcs
M Arbitrary Command Injection	<0:2.4.51-37.el8jbcs
M Integer Overflow or Wraparound	<0:2.4.51-37.el8jbcs
H HTTP Request Smuggling	<0:2.4.37-80.el8jbcs
M Integer Overflow or Wraparound	<0:2.4.51-37.el8jbcs
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:2.4.37-80.el8jbcs
H Use After Free	<0:2.4.37-80.el8jbcs
M NULL Pointer Dereference	<0:2.4.51-28.el8jbcs
M NULL Pointer Dereference	<0:2.4.51-28.el8jbcs
H Authentication Bypass	<0:2.4.37-74.el8jbcs
H Use After Free	<0:2.4.37-74.el8jbcs
H Information Exposure	<0:2.4.37-74.el8jbcs
M NULL Pointer Dereference	<0:2.4.37-78.el8jbcs
M Information Exposure	<0:2.4.37-78.el8jbcs
H Server-Side Request Forgery (SSRF)	<0:2.4.37-76.el8jbcs
M Out-of-bounds Write	<0:2.4.51-28.el8jbcs
M Out-of-bounds Read	<0:2.4.51-28.el8jbcs
M NULL Pointer Dereference	<0:2.4.37-78.el8jbcs
M Out-of-bounds Read	<0:2.4.37-78.el8jbcs
M NULL Pointer Dereference	<0:2.4.51-28.el8jbcs
H Improper Certificate Validation	<0:2.4.37-74.el8jbcs
H Resource Exhaustion	<0:2.4.37-80.el8jbcs
H NULL Pointer Dereference	<0:2.4.37-80.el8jbcs
H Out-of-bounds Write	<0:2.4.37-80.el8jbcs
H Use After Free	<0:2.4.37-80.el8jbcs
H Use After Free	<0:2.4.37-80.el8jbcs
H Uncontrolled Recursion	<0:2.4.37-74.el8jbcs
H Information Exposure	<0:2.4.37-74.el8jbcs
M Improper Input Validation	<0:2.4.37-78.el8jbcs
M Integer Overflow or Wraparound	<0:2.4.37-78.el8jbcs
M Out-of-Bounds	<0:2.4.37-78.el8jbcs
M NULL Pointer Dereference	<0:2.4.37-78.el8jbcs
M NULL Pointer Dereference	<0:2.4.37-78.el8jbcs
H Information Exposure	<0:2.4.37-74.el8jbcs
M Out-of-Bounds	<0:2.4.37-78.el8jbcs
M Integer Overflow or Wraparound	<0:2.4.37-78.el8jbcs
M Out-of-bounds Read	<0:2.4.37-78.el8jbcs
M Improper Authentication	<0:2.4.37-78.el8jbcs

Vulnerability

Vulnerable Version

Incorrect Default Permissions

<0:2.4.57-15.el8jbcs

Incorrect Default Permissions

<0:2.4.57-15.el8jbcs

Improper Input Validation

<0:2.4.57-15.el8jbcs

Improper Input Validation

<0:2.4.57-15.el8jbcs

Improper Input Validation

<0:2.4.57-13.el8jbcs