RHSA-2024:2694MediumCVSS 7.5
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP4 security update
🔗 CVE IDs covered (6)
📋 Description
CVE-2024-2004 — curl: Usage of disabled protocol CVE-2024-2379 — curl: QUIC certificate check bypass with wolfSSL CVE-2024-2398 — curl: HTTP/2 push headers memory-leak CVE-2024-2466 — curl: TLS certificate check bypass with mbedTLS CVE-2024-27316 — httpd: CONTINUATION frames DoS CVE-2024-28182 — nghttp2: CONTINUATION frames DoS
🔗 References (10)
- selfhttps://access.redhat.com/errata/RHSA-2024:2694
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.57/html/red_hat_jboss_core_services_apache_http_server_2.4.57_service_pack_4_release_notes
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2268277
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2268639
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2270497
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2270498
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2270499
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2270500
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2694.json