RHSA-2017:1414HighCVSS 7.5

Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 for RHEL 6

Published
June 7, 2017
Last Modified
June 30, 2026

🔗 CVE IDs covered (7)

📋 Description

CVE-2016-0736 — httpd: Padding Oracle in Apache mod_session_crypto CVE-2016-2161 — httpd: DoS vulnerability in mod_auth_digest CVE-2016-6304 — openssl: OCSP Status Request extension unbounded memory growth CVE-2016-7056 — openssl: ECDSA P-256 timing attack key recovery CVE-2016-8610 — SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS CVE-2016-8740 — httpd: Incomplete handling of LimitRequestFields directive in mod_http2 CVE-2016-8743 — httpd: Apache HTTP Request Parsing Whitespace Defects

🔗 References (12)