RHSA-2026:34355MediumCVSS 7.3
Red Hat Security Advisory: mod_http2 security, bug fix, and enhancement update
🔗 CVE IDs covered (2)
📋 Description
CVE-2026-43951 — httpd: Apache HTTP Server: Out-of-bounds Read in mod_headers and mod_mime CVE-2026-48913 — httpd: mod_http2: Apache HTTP Server mod_http2: Use After Free vulnerability allows arbitrary code execution or denial of service.
🔗 References (5)
- selfhttps://access.redhat.com/errata/RHSA-2026:34355
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2486405
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2486415
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_34355.json