{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-01-04T00:00:00", "descriptions": [{"lang": "en", "value": "The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-06-06T10:06:34", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "SSRT101139", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=136612293908376&w=2"}, {"name": "DSA-2579", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2012/dsa-2579"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://svn.apache.org/viewvc?view=revision&revision=1227298"}, {"name": "oval:org.mitre.oval:def:18938", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18938"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.22"}, {"name": "oval:org.mitre.oval:def:19284", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19284"}, {"name": "openSUSE-SU-2013:0248", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=871685"}, {"name": "HPSBUX02866", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=136612293908376&w=2"}, {"name": "openSUSE-SU-2013:0243", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html"}, {"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073139 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1888194 [8/13] - /httpd/site/trunk/content/security/json/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073149 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210606 svn commit: r1075467 [2/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-4557", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "SSRT101139", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=136612293908376&w=2"}, {"name": "DSA-2579", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2012/dsa-2579"}, {"name": "http://svn.apache.org/viewvc?view=revision&revision=1227298", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc?view=revision&revision=1227298"}, {"name": "oval:org.mitre.oval:def:18938", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18938"}, {"name": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.22", "refsource": "CONFIRM", "url": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.22"}, {"name": "oval:org.mitre.oval:def:19284", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19284"}, {"name": "openSUSE-SU-2013:0248", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=871685", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=871685"}, {"name": "HPSBUX02866", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=136612293908376&w=2"}, {"name": "openSUSE-SU-2013:0243", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html"}, {"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073139 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1888194 [8/13] - /httpd/site/trunk/content/security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073149 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210606 svn commit: r1075467 [2/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T20:42:54.760Z"}, "title": "CVE Program Container", "references": [{"name": "SSRT101139", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=136612293908376&w=2"}, {"name": "DSA-2579", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2012/dsa-2579"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://svn.apache.org/viewvc?view=revision&revision=1227298"}, {"name": "oval:org.mitre.oval:def:18938", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18938"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.22"}, {"name": "oval:org.mitre.oval:def:19284", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19284"}, {"name": "openSUSE-SU-2013:0248", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=871685"}, {"name": "HPSBUX02866", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=136612293908376&w=2"}, {"name": "openSUSE-SU-2013:0243", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html"}, {"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073139 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1888194 [8/13] - /httpd/site/trunk/content/security/json/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073149 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210606 svn commit: r1075467 [2/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-4557", "datePublished": "2012-11-30T19:00:00", "dateReserved": "2012-08-21T00:00:00", "dateUpdated": "2024-08-06T20:42:54.760Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "02B629FB-88C8-4E85-A137-28770F1E524E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*", "matchCriteriaId": "03550EF0-DF89-42FE-BF0E-994514EBD947", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*", "matchCriteriaId": "4886CCAB-6D4E-45C7-B177-2E8DBEA15531", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*", "matchCriteriaId": "C35631AC-7C35-4F6A-A95A-3B080E5210ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*", "matchCriteriaId": "6CED2BA6-BE5E-4EF1-88EB-0DADD23D2EEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*", "matchCriteriaId": "A71F4154-AD20-4EEA-9E2E-D3385C357DA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*", "matchCriteriaId": "B0B8C9DB-401E-42B3-BAED-D09A96DE9A90", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*", "matchCriteriaId": "062C20A0-05A0-4164-8330-DF6ADFE607F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*", "matchCriteriaId": "D345BA35-93BB-406F-B5DC-86E49FB29C22", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*", "matchCriteriaId": "7ED4892F-C829-4BEA-AB82-6A78F6F2426D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request."}, {"lang": "es", "value": "El m\u00f3dulo mod_proxy_ajp en el Servidor HTTP Apache v2.2.12 por v2.2.21 coloca un nodo de trabajo en un estado de error ante la detecci\u00f3n de un tiempo de procesamiento de solicitudes demasiado elevado, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de nodos de trabajo) a trav\u00e9s de un solicitud compleja.\r\n"}], "id": "CVE-2012-4557", "lastModified": "2023-11-07T02:11:53.937", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-11-30T19:55:01.050", "references": [{"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.22"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html"}, {"source": "secalert@redhat.com", "url": "http://marc.info/?l=bugtraq&m=136612293908376&w=2"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://svn.apache.org/viewvc?view=revision&revision=1227298"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2012/dsa-2579"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=871685"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18938"}, {"source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19284"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "ant-0:1.7.1-13.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "antlr-0:2.7.7-7.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "bcel-0:5.2-8.1.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "cglib-0:2.2-5.1.1.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "dom4j-0:1.6.1-11.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "ecj-1:3.3.1.1-3.2.2.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "glassfish-jaf-0:1.1.0-6.1.1.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "glassfish-javamail-0:1.4.2-0.4.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "glassfish-jsf-0:1.2_13-2.2.1.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "hibernate3-1:3.3.2-1.5.GA_CP04.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "hibernate3-annotations-0:3.4.0-3.3.GA_CP04.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "hibernate3-commons-annotations-0:3.1.0-1.8.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "hibernate3-ejb-persistence-3.0-api-1:1.0.2-3.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "hibernate3-entitymanager-0:3.4.0-4.3.GA_CP04.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "httpd22-0:2.2.17-14.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-commons-beanutils-0:1.8.0-4.1.1.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-commons-chain-0:1.2-2.2.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-commons-codec-0:1.3-9.1.1.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-commons-collections-0:3.2.1-4.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-commons-daemon-1:1.0.5-1.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-commons-daemon-jsvc-1:1.0.5-1.4.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-commons-dbcp-0:1.2.1-16.4.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-commons-digester-0:1.8.1-8.1.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-commons-el-0:1.0-19.2.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-commons-fileupload-1:1.1.1-7.4.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-commons-httpclient-1:3.1-1.1.1.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-commons-io-0:1.4-1.3.1.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-commons-launcher-0:1.1-4.6.1.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-commons-logging-0:1.1.1-0.4.1.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-commons-logging-jboss-0:1.1-10.2.1.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-commons-modeler-0:2.0-4.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-commons-pool-0:1.3-11.2.1.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-commons-validator-0:1.3.1-7.5.1.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-oro-0:2.0.8-3.3.2.1.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jakarta-taglibs-standard-0:1.1.1-9.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "javassist-0:3.12.0-1.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jboss-common-core-0:2.2.17-1.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jboss-common-logging-jdk-0:2.1.2-1.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jboss-common-logging-spi-0:2.1.2-1.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jboss-javaee-0:5.0.1-2.9.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jcommon-0:1.0.16-1.2.1.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "jfreechart-0:1.0.13-2.3.2.1.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "log4j-0:1.2.14-18.1.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "mod_cluster-0:1.0.10-2.GA_CP01.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "mod_cluster-native-0:1.0.10-2.GA_CP01.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "mod_jk-0:1.2.31-1.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "mx4j-1:3.0.1-9.3.4.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "objectweb-asm-0:3.1-5.3.1.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "regexp-0:1.5-1.2.1.jdk6.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "struts12-0:1.2.9-3.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "tomcat5-0:5.5.33-14_patch_04.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "tomcat6-0:6.0.32-15_patch_03.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "tomcat-jkstatus-ant-0:1.2.31-2.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "tomcat-native-0:1.1.20-2.0.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "xalan-j2-0:2.7.1-5.3_patch_04.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "xerces-j2-0:2.9.1-3.patch01.1.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", "package": "xml-commons-1:1.3.04-7.12.ep5.el4", "product_name": "JBEWS 1.0 for RHEL 4", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2013:0512", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "httpd-0:2.2.15-26.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2013-02-20T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "ant-0:1.7.1-13.jdk6.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "antlr-0:2.7.7-7.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "cglib-0:2.2-5.1.1.1.jdk6.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "dom4j-0:1.6.1-11.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "ecj3-1:3.3.1.1-3.1.1.1.jdk6.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "glassfish-jsf-0:1.2_13-3.1.1.jdk6.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "hibernate3-1:3.3.2-1.4.GA_CP04.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "hibernate3-annotations-0:3.4.0-3.2.GA_CP04.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "hibernate3-commons-annotations-0:3.1.0-1.8.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "hibernate3-ejb-persistence-3.0-api-1:1.0.2-3.1.jdk6.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "hibernate3-entitymanager-0:3.4.0-4.3.GA_CP04.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "httpd-0:2.2.17-11.1.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jakarta-commons-beanutils-0:1.8.0-4.1.2.1.jdk6.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jakarta-commons-chain-0:1.2-2.2.1.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jakarta-commons-codec-0:1.3-9.2.1.1.jdk6.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jakarta-commons-collections-0:3.2.1-4.1.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jakarta-commons-daemon-1:1.0.5-1.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jakarta-commons-daemon-jsvc-1:1.0.5-1.4.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jakarta-commons-dbcp-0:1.2.1-16.4.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jakarta-commons-digester-0:1.8.1-8.1.jdk6.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jakarta-commons-fileupload-1:1.1.1-7.4.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jakarta-commons-httpclient-1:3.1-1.2.1.jdk6.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jakarta-commons-io-0:1.4-1.3.1.jdk6.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jakarta-commons-logging-0:1.1.1-0.4.1.jdk6.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jakarta-commons-logging-jboss-0:1.1-10.2.1.jdk6.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jakarta-commons-pool-0:1.3-11.2.1.jdk6.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jakarta-commons-validator-0:1.3.1-7.5.2.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jakarta-oro-0:2.0.8-3.3.2.1.1.1.jdk6.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jakarta-taglibs-standard-0:1.1.1-9.1.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "javassist-0:3.12.0-1.jdk6.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jboss-common-core-0:2.2.17-1.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jboss-common-logging-jdk-0:2.1.2-1.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jboss-common-logging-spi-0:2.1.2-1.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jboss-javaee-0:5.0.1-2.9.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jcommon-0:1.0.16-1.2.1.jdk6.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "jfreechart-0:1.0.13-2.3.2.1.jdk6.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "mod_cluster-0:1.0.10-2.1.GA_CP01.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "mod_cluster-native-0:1.0.10-2.1.GA_CP01.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "mod_jk-0:1.2.31-1.1.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "objectweb-asm-0:3.1-5.3.1.jdk6.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "struts12-0:1.2.9-3.1.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "tomcat5-0:5.5.33-16_patch_04.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "tomcat6-0:6.0.32-15.1_patch_03.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "tomcat-jkstatus-ant-0:1.2.31-2.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "tomcat-native-0:1.1.20-2.1.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "xalan-j2-0:2.7.1-5.3_patch_04.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "xerces-j2-0:2.9.1-3.patch01.1.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "xml-commons-0:1.3.04-7.10.jdk6.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "ant-0:1.7.1-14.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "antlr-0:2.7.7-7.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "cglib-0:2.2-5.4.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "dom4j-0:1.6.1-11.1.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "ecj3-1:3.3.1.1-4.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "glassfish-jsf-0:1.2_13-3.1.4.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "hibernate3-1:3.3.2-1.8.GA_CP04.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "hibernate3-annotations-0:3.4.0-3.5.GA_CP04.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "hibernate3-commons-annotations-0:3.1.0-1.8.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "hibernate3-ejb-persistence-3.0-api-1:1.0.2-3.3.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "hibernate3-entitymanager-0:3.4.0-4.4.GA_CP04.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "httpd-0:2.2.17-11.2.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jakarta-commons-beanutils-0:1.8.0-9.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jakarta-commons-chain-0:1.2-2.2.2.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jakarta-commons-codec-0:1.3-12.1.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jakarta-commons-collections-0:3.2.1-4.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jakarta-commons-daemon-1:1.0.5-1.1.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jakarta-commons-daemon-jsvc-1:1.0.5-1.4.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jakarta-commons-dbcp-0:1.2.1-16.2.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jakarta-commons-digester-0:1.8.1-8.1.1.1.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jakarta-commons-fileupload-1:1.1.1-7.5.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jakarta-commons-httpclient-1:3.1-1.2.2.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jakarta-commons-io-0:1.4-4.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jakarta-commons-logging-0:1.1.1-1.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jakarta-commons-logging-jboss-0:1.1-10.2.2.1.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jakarta-commons-pool-0:1.3-15.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jakarta-commons-validator-0:1.3.1-7.5.2.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jakarta-oro-0:2.0.8-7.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jakarta-taglibs-standard-0:1.1.1-12.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "javassist-0:3.12.0-3.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jboss-common-core-0:2.2.17-1.2.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jboss-common-logging-jdk-0:2.1.2-1.2.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jboss-common-logging-spi-0:2.1.2-1.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jboss-javaee-0:5.0.1-2.9.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jcommon-0:1.0.16-1.2.2.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "jfreechart-0:1.0.13-2.3.2.1.2.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "mod_cluster-0:1.0.10-2.2.GA_CP01.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "mod_cluster-native-0:1.0.10-2.1.1.GA_CP01.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "mod_jk-0:1.2.31-1.1.2.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "objectweb-asm31-0:3.1-12.1.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "struts12-0:1.2.9-3.1.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "tomcat5-0:5.5.33-15_patch_04.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "tomcat6-0:6.0.32-14_patch_03.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "tomcat-jkstatus-ant-0:1.2.31-2.1.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "tomcat-native-0:1.1.20-2.1.2.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "xalan-j2-0:2.7.1-5.3_patch_04.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "xerces-j2-0:2.9.1-8.patch01.1.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0897", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "xml-commons-0:1.3.04-7.14.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2011-06-22T00:00:00Z"}, {"advisory": "RHSA-2011:0896", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1.0", "product_name": "Red Hat JBoss Web Server 1.0", "release_date": "2011-06-22T00:00:00Z"}], "bugzilla": {"description": "httpd: mod_proxy_ajp worker moved to error state when timeout exceeded", "id": "871685", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=871685"}, "csaw": false, "cvss": {"cvss_base_score": "2.6", "cvss_scoring_vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "status": "verified"}, "details": ["The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request."], "name": "CVE-2012-4557", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Not affected", "package_name": "httpd", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "httpd", "product_name": "Red Hat Enterprise Linux 5"}], "public_date": "2012-01-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2012-4557\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-4557"], "statement": "This issue did not affect the version of httpd as shipped with Red Hat Enterprise Linux 5.", "threat_severity": "Low", "upstream_fix": "httpd 2.2.22"}